CRL & OCSP report for adfs2.bancosol.com.bo (Banco Solidario S.A.)

adfs2.bancosol.com.bo

Certificate details for adfs2.bancosol.com.bo (At position 0 in certificate chain)
Serial number:
hex: 11215bed40dd3f618f3769a10bb5a42bfed1
int: 1492260370585890316432583024209709341867729
Issued by: GlobalSign Extended Validation CA - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Company registration number: 1020607027
Organization: Banco Solidario S.A.
Organization unit: IT
Address: Calle Nicolas Acosta 289
State / Province: La Paz
Locality: La Paz
Country: BO
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for adfs2.bancosol.com.bo.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.globalsign.com/gs/gsextendvalg2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.globalsign.com/gs/gsextendvalg2.crl
Size: 473 bytes (DER data)
Response time: 10.300441ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 0

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare, CloudFront
Cache Information: HIT, Hit from cloudfront

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3744eeaff02018a0-EWR]
Content-Length: [473]
Content-Type: [application/pkix-crl]
Date: [Sun, 25 Jun 2017 03:45:09 GMT]
Etag: [016A05]
Expires: [Sun, 02 Jul 2017 02:35:22 GMT]
Last-Modified: [Sun, 25 Jun 2017 02:35:22 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=db6811921dd7b8993942bfe73b056b2e61498362309; expires=Mon, 25-Jun-18 03:45:09 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
Via: [1.1 9c3935366a39acd2af942625478df61e.cloudfront.net (CloudFront)]
X-Amz-Cf-Id: [ejVQbydtp4t2UNch98vrFIZ2gbNbmh-9uKx2Yr5L3_YExvI2ZXhDsw==]
X-Cache: [Hit from cloudfront]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp2.globalsign.com/gsextendvalg2 (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsextendvalg2 (GET)
Size: 1588 bytes (DER data)
Response time: 3.365387675s
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: GlobalSign Extended Validation CA - G2 OCSP responder
Issued by: GlobalSign Extended Validation CA - G2
Signing certificate validity: 2017-04-07 - 2017-07-15
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: MISS

URL used for GET request

http://ocsp2.globalsign.com/gsextendvalg2/MFMwUTBPME0wSzAJBgUrDgMCGgUABBSgcg6ganxiAlTyqPWd0nuk87cvpAQUsLBK%2FRx1KPgcYaoT9vrBkD1rFqMCEhEhW%2B1A3T9hjzdpoQu1pCv%2B0Q%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBSgcg6ganxiAlTyqPWd0nuk87cvpAQUsLBK
/Rx1KPgcYaoT9vrBkD1rFqMCEhEhW+1A3T9hjzdpoQu1pCv+0Q==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGMAoBAKCCBikwggYlBgkrBgEFBQcwAQEEggYWMIIGEjCBxqIWBBQiuVoI5qGQ
ipm2lju45xpIdvS3pBgPMjAxNzA2MjUwMzQ1MTJaMIGaMIGXMEswCQYFKw4DAhoF
AAQUoHIOoGp8YgJU8qj1ndJ7pPO3L6QEFLCwSv0cdSj4HGGqE/b6wZA9axajAhIR
IVvtQN0/YY83aaELtaQr/tGAABgPMjAxNzA2MjUwMzQ1MTJaoBEYDzIwMTcwNjI5
MDM0NTEyWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNjI1MDM0NTEyWjANBgkq
hkiG9w0BAQsFAAOCAQEAAJlIjzmF4uqEV58OYTZlg+LB9oE3SBwzREMtG1CqPtwj
58hX4eqsM++LqNp2Lmhjq0ZLCR5ekByNATB8v2EPwIWvbuQtzEUuRvOJcWiNd1pd
OtWwkFLktLYtGWT9PqmBIhrxaAMCDuscTN9KEc61hjPZUfds2apXnzUy/anFRfvd
jnbjUha6gMTSHNJQzYpheJuaJnXbbgTJRlqdYcUFJMNH6T+swKiswJRMmdIzJMDI
JZg7rOYRSNr/SUxHv+Dpm6q5jkfQWY8O80wYhRBQ6DymIzNnkhldGK+xOwUO7oFY
uIAQU3rnIEniGDbgXoFsp6j2RvG/38/CEAopYyiQuqCCBDEwggQtMIIEKTCCAxGg
AwIBAgIMNxDadzeaHyLxT/RPMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS8wLQYDVQQDEyZHbG9iYWxTaWdu
IEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EgLSBHMjAeFw0xNzA0MDcwMDAwMDBaFw0x
NzA3MTUwMDAwMDBaMIGBMQswCQYDVQQGEwJTRzEbMBkGA1UEChMSR2xvYmFsU2ln
biBQdGUgTHRkMRUwEwYDVQQFEwwyMDE2MTIwNzE2MTgxPjA8BgNVBAMTNUdsb2Jh
bFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyIE9DU1AgcmVzcG9uZGVy
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSgTkqF52Bkmv7lzDzm2
8EdUhYTMD4ilkEVMOQZqtiOzlIkzsAylMVHEn84YNNTmW4n6uBMQbPQUQ1zDqoxm
lPo2tLOdzkvWwzp6WCtBxTbLVK8XFJEE8VH0XLKovSe9EtpFQQqdVUrj8AOsjsfQ
g1mBvQWLphZRsw8zDEY85XsV8jqVEHroyOO1IuMX+PxHT4F+XbjS6/q5tatqcKdi
PizDe3Nb73/4bajoJ9HWtIjPwDRcm03dGP+hhc5xRvnHy8hGZZQBb7pkE76mDjW3
XGw1M1SssKvxZlzDueGXTKtGNwnczD470sD+VdX0hm23lz72n2/rsu36/T0wlcit
swIDAQABo4HHMIHEMB0GA1UdDgQWBBQiuVoI5qGQipm2lju45xpIdvS3pDAfBgNV
HSMEGDAWgBSwsEr9HHUo+BxhqhP2+sGQPWsWozAPBgkrBgEFBQcwAQUEAgUAMEwG
A1UdIARFMEMwQQYJKwYBBAGgMgFfMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3
Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA4GA1UdDwEB/wQEAwIHgDATBgNV
HSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0BAQUFAAOCAQEAIjYEr3fwsCk9WvY4
CL9suk+3L65xubgkexg2KELvfzGgdtCVRf0nGrD9YRC7ARbuhfcRky8drArw/5qK
09JOoL850Bxyu5AJUu8NeLFQNH21f8ulSox2LUEcT31xZJ/C9fZKeHeuYN1S4hqA
I6VpJh6Szh9wioReIjjPkpB+ErdcLSAQwG/oxZ+8GrYLl3M5aKmhAneapdzcu+pk
jK0tezFXgrpSS/JaklkRSbMZ75g4tzC9gEWoXyNVZrJLaFLpeBxwch+3xv3IMVGN
MY/c67jn4F6BMIWgwRsxOdO5+d70rk6jVTdXDNwQqeITCQHcv6mbB9SdE32w9o8o
HVgHtw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEKTCCAxGgAwIBAgIMNxDadzeaHyLxT/RPMA0GCSqGSIb3DQEBBQUAMFkxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS8wLQYDVQQDEyZH
bG9iYWxTaWduIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EgLSBHMjAeFw0xNzA0MDcw
MDAwMDBaFw0xNzA3MTUwMDAwMDBaMIGBMQswCQYDVQQGEwJTRzEbMBkGA1UEChMS
R2xvYmFsU2lnbiBQdGUgTHRkMRUwEwYDVQQFEwwyMDE2MTIwNzE2MTgxPjA8BgNV
BAMTNUdsb2JhbFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyIE9DU1Ag
cmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSgTkqF5
2Bkmv7lzDzm28EdUhYTMD4ilkEVMOQZqtiOzlIkzsAylMVHEn84YNNTmW4n6uBMQ
bPQUQ1zDqoxmlPo2tLOdzkvWwzp6WCtBxTbLVK8XFJEE8VH0XLKovSe9EtpFQQqd
VUrj8AOsjsfQg1mBvQWLphZRsw8zDEY85XsV8jqVEHroyOO1IuMX+PxHT4F+XbjS
6/q5tatqcKdiPizDe3Nb73/4bajoJ9HWtIjPwDRcm03dGP+hhc5xRvnHy8hGZZQB
b7pkE76mDjW3XGw1M1SssKvxZlzDueGXTKtGNwnczD470sD+VdX0hm23lz72n2/r
su36/T0wlcitswIDAQABo4HHMIHEMB0GA1UdDgQWBBQiuVoI5qGQipm2lju45xpI
dvS3pDAfBgNVHSMEGDAWgBSwsEr9HHUo+BxhqhP2+sGQPWsWozAPBgkrBgEFBQcw
AQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgFfMDQwMgYIKwYBBQUHAgEWJmh0
dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA4GA1UdDwEB/wQE
AwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0BAQUFAAOCAQEAIjYE
r3fwsCk9WvY4CL9suk+3L65xubgkexg2KELvfzGgdtCVRf0nGrD9YRC7ARbuhfcR
ky8drArw/5qK09JOoL850Bxyu5AJUu8NeLFQNH21f8ulSox2LUEcT31xZJ/C9fZK
eHeuYN1S4hqAI6VpJh6Szh9wioReIjjPkpB+ErdcLSAQwG/oxZ+8GrYLl3M5aKmh
Aneapdzcu+pkjK0tezFXgrpSS/JaklkRSbMZ75g4tzC9gEWoXyNVZrJLaFLpeBxw
ch+3xv3IMVGNMY/c67jn4F6BMIWgwRsxOdO5+d70rk6jVTdXDNwQqeITCQHcv6mb
B9SdE32w9o8oHVgHtw==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [MISS]
Cf-Ray: [3744eeaff0bf2198-EWR]
Content-Length: [1588]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:45:12 GMT]
Etag: ["965bfd3effbc9b078e056d792b673b431519ce97"]
Expires: [Thu, 29 Jun 2017 03:45:12 GMT]
Last-Modified: [Sun, 25 Jun 2017 03:45:12 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=dac3f8eec3ce69e4c6cc59ad2042740a01498362309; expires=Mon, 25-Jun-18 03:45:09 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp2.globalsign.com/gsextendvalg2 (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsextendvalg2 (POST)
Size: 1588 bytes (DER data)
Response time: 3.508506995s
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: GlobalSign Extended Validation CA - G2 OCSP responder
Issued by: GlobalSign Extended Validation CA - G2
Signing certificate validity: 2017-04-07 - 2017-07-15
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBSgcg6ganxiAlTyqPWd0nuk87cvpAQUsLBK
/Rx1KPgcYaoT9vrBkD1rFqMCEhEhW+1A3T9hjzdpoQu1pCv+0Q==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGMAoBAKCCBikwggYlBgkrBgEFBQcwAQEEggYWMIIGEjCBxqIWBBQiuVoI5qGQ
ipm2lju45xpIdvS3pBgPMjAxNzA2MjUwMzQ1MTJaMIGaMIGXMEswCQYFKw4DAhoF
AAQUoHIOoGp8YgJU8qj1ndJ7pPO3L6QEFLCwSv0cdSj4HGGqE/b6wZA9axajAhIR
IVvtQN0/YY83aaELtaQr/tGAABgPMjAxNzA2MjUwMzQ1MTJaoBEYDzIwMTcwNjI5
MDM0NTEyWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNjI1MDM0NTEyWjANBgkq
hkiG9w0BAQsFAAOCAQEAAJlIjzmF4uqEV58OYTZlg+LB9oE3SBwzREMtG1CqPtwj
58hX4eqsM++LqNp2Lmhjq0ZLCR5ekByNATB8v2EPwIWvbuQtzEUuRvOJcWiNd1pd
OtWwkFLktLYtGWT9PqmBIhrxaAMCDuscTN9KEc61hjPZUfds2apXnzUy/anFRfvd
jnbjUha6gMTSHNJQzYpheJuaJnXbbgTJRlqdYcUFJMNH6T+swKiswJRMmdIzJMDI
JZg7rOYRSNr/SUxHv+Dpm6q5jkfQWY8O80wYhRBQ6DymIzNnkhldGK+xOwUO7oFY
uIAQU3rnIEniGDbgXoFsp6j2RvG/38/CEAopYyiQuqCCBDEwggQtMIIEKTCCAxGg
AwIBAgIMNxDadzeaHyLxT/RPMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS8wLQYDVQQDEyZHbG9iYWxTaWdu
IEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EgLSBHMjAeFw0xNzA0MDcwMDAwMDBaFw0x
NzA3MTUwMDAwMDBaMIGBMQswCQYDVQQGEwJTRzEbMBkGA1UEChMSR2xvYmFsU2ln
biBQdGUgTHRkMRUwEwYDVQQFEwwyMDE2MTIwNzE2MTgxPjA8BgNVBAMTNUdsb2Jh
bFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyIE9DU1AgcmVzcG9uZGVy
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSgTkqF52Bkmv7lzDzm2
8EdUhYTMD4ilkEVMOQZqtiOzlIkzsAylMVHEn84YNNTmW4n6uBMQbPQUQ1zDqoxm
lPo2tLOdzkvWwzp6WCtBxTbLVK8XFJEE8VH0XLKovSe9EtpFQQqdVUrj8AOsjsfQ
g1mBvQWLphZRsw8zDEY85XsV8jqVEHroyOO1IuMX+PxHT4F+XbjS6/q5tatqcKdi
PizDe3Nb73/4bajoJ9HWtIjPwDRcm03dGP+hhc5xRvnHy8hGZZQBb7pkE76mDjW3
XGw1M1SssKvxZlzDueGXTKtGNwnczD470sD+VdX0hm23lz72n2/rsu36/T0wlcit
swIDAQABo4HHMIHEMB0GA1UdDgQWBBQiuVoI5qGQipm2lju45xpIdvS3pDAfBgNV
HSMEGDAWgBSwsEr9HHUo+BxhqhP2+sGQPWsWozAPBgkrBgEFBQcwAQUEAgUAMEwG
A1UdIARFMEMwQQYJKwYBBAGgMgFfMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3
Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA4GA1UdDwEB/wQEAwIHgDATBgNV
HSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0BAQUFAAOCAQEAIjYEr3fwsCk9WvY4
CL9suk+3L65xubgkexg2KELvfzGgdtCVRf0nGrD9YRC7ARbuhfcRky8drArw/5qK
09JOoL850Bxyu5AJUu8NeLFQNH21f8ulSox2LUEcT31xZJ/C9fZKeHeuYN1S4hqA
I6VpJh6Szh9wioReIjjPkpB+ErdcLSAQwG/oxZ+8GrYLl3M5aKmhAneapdzcu+pk
jK0tezFXgrpSS/JaklkRSbMZ75g4tzC9gEWoXyNVZrJLaFLpeBxwch+3xv3IMVGN
MY/c67jn4F6BMIWgwRsxOdO5+d70rk6jVTdXDNwQqeITCQHcv6mbB9SdE32w9o8o
HVgHtw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEKTCCAxGgAwIBAgIMNxDadzeaHyLxT/RPMA0GCSqGSIb3DQEBBQUAMFkxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS8wLQYDVQQDEyZH
bG9iYWxTaWduIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EgLSBHMjAeFw0xNzA0MDcw
MDAwMDBaFw0xNzA3MTUwMDAwMDBaMIGBMQswCQYDVQQGEwJTRzEbMBkGA1UEChMS
R2xvYmFsU2lnbiBQdGUgTHRkMRUwEwYDVQQFEwwyMDE2MTIwNzE2MTgxPjA8BgNV
BAMTNUdsb2JhbFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyIE9DU1Ag
cmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSgTkqF5
2Bkmv7lzDzm28EdUhYTMD4ilkEVMOQZqtiOzlIkzsAylMVHEn84YNNTmW4n6uBMQ
bPQUQ1zDqoxmlPo2tLOdzkvWwzp6WCtBxTbLVK8XFJEE8VH0XLKovSe9EtpFQQqd
VUrj8AOsjsfQg1mBvQWLphZRsw8zDEY85XsV8jqVEHroyOO1IuMX+PxHT4F+XbjS
6/q5tatqcKdiPizDe3Nb73/4bajoJ9HWtIjPwDRcm03dGP+hhc5xRvnHy8hGZZQB
b7pkE76mDjW3XGw1M1SssKvxZlzDueGXTKtGNwnczD470sD+VdX0hm23lz72n2/r
su36/T0wlcitswIDAQABo4HHMIHEMB0GA1UdDgQWBBQiuVoI5qGQipm2lju45xpI
dvS3pDAfBgNVHSMEGDAWgBSwsEr9HHUo+BxhqhP2+sGQPWsWozAPBgkrBgEFBQcw
AQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgFfMDQwMgYIKwYBBQUHAgEWJmh0
dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA4GA1UdDwEB/wQE
AwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0BAQUFAAOCAQEAIjYE
r3fwsCk9WvY4CL9suk+3L65xubgkexg2KELvfzGgdtCVRf0nGrD9YRC7ARbuhfcR
ky8drArw/5qK09JOoL850Bxyu5AJUu8NeLFQNH21f8ulSox2LUEcT31xZJ/C9fZK
eHeuYN1S4hqAI6VpJh6Szh9wioReIjjPkpB+ErdcLSAQwG/oxZ+8GrYLl3M5aKmh
Aneapdzcu+pkjK0tezFXgrpSS/JaklkRSbMZ75g4tzC9gEWoXyNVZrJLaFLpeBxw
ch+3xv3IMVGNMY/c67jn4F6BMIWgwRsxOdO5+d70rk6jVTdXDNwQqeITCQHcv6mb
B9SdE32w9o8oHVgHtw==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3744eeaff0920ec1-EWR]
Content-Length: [1588]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:45:12 GMT]
Etag: ["965bfd3effbc9b078e056d792b673b431519ce97"]
Expires: [Thu, 29 Jun 2017 03:45:12 GMT]
Last-Modified: [Sun, 25 Jun 2017 03:45:12 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d85fbdce0dfa496cc91a17c07403d441b1498362309; expires=Mon, 25-Jun-18 03:45:09 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GlobalSign Extended Validation CA - G2 (CA Certificate)

Certificate details for GlobalSign Extended Validation CA - G2 (At position 1 in certificate chain)
Serial number:
hex: 400000000012f4ee15b63
int: 4835703278459819397307235
Issued by: GlobalSign
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GlobalSign nv-sa
Country: BE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.