CRL & OCSP report for www.poply.be

www.poply.be

Certificate details for www.poply.be (At position 0 in certificate chain)
Serial number:
hex: 50f05
int: 331525
Issued by: RapidSSL SHA256 CA - G3
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization unit: GT14549938
Organization unit: See www.rapidssl.com/resources/cps (c)15
Organization unit: Domain Control Validated - RapidSSL(R)
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for www.poply.be.

Certificate Revocation List (CRL)

This CRL was cached at
http://gv.symcb.com/gv.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://gv.symcb.com/gv.crl
Size: 14190 bytes (DER data)
Response time: 477.109217ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 625

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-217-200-39.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Sun, 30 Apr 2017 12:57:47 GMT]
Etag: ["4a6e6a6d9666c80707a44e6180f40ebd:1493540444"]
Last-Modified: [Sun, 30 Apr 2017 08:20:44 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a23-217-200-39.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://gv.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gv.symcd.com (POST)
Size: 1399 bytes (DER data)
Response time: 233.595515ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: RapidSSL SHA256 CA - G3 OCSP Responder
Issued by: RapidSSL SHA256 CA - G3
Signing certificate validity: 2016-04-22 - 2017-05-22
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 119h49m51s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-217-200-53.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBRAC0Z68eay0wmDug1gfn5ZN0gkxAQUw5zz
/NNGCDS7zkZ/oHxb8+IIy1kCAwUPBQ==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFcwoBAKCCBWwwggVoBgkrBgEFBQcwAQEEggVZMIIFVTCBkaIWBBQREkqOiX35
FCmxvf6AJvy3XFVPhhgPMjAxNzA0MjgxMjQ3MzdaMGYwZDA8MAkGBSsOAwIaBQAE
FEALRnrx5rLTCYO6DWB+flk3SCTEBBTDnPP800YINLvORn+gfFvz4gjLWQIDBQ8F
gAAYDzIwMTcwNDI4MTI0NzM3WqARGA8yMDE3MDUwNTEyNDczN1owDQYJKoZIhvcN
AQEFBQADggEBAAK3SiFPIeK7loTO8pwBzYQerd9WoEMuiCTfITpI6Cu63hAIpIuY
xkyK4gjM8BkphL4hcy1HIE21QZIhB2T3S+h93sIbQ79vXIrgtA1CPlbnB0P7XArv
p9pBHWRpe1S5k2R2YtpH7/N5BpaEsptQpuU2nxAjRvtf8x8SdKqRvPJd24u8gizA
VH6uic2nMoaJpGCq1CnZdMXpcZHP5AX9NwwYcNI0R0c/tXu+ksKRdfRHXqSvgh1z
3SzdUe/oWrl6nfriLdzb/CdMRJYN/QNP+HLPOiLJsYWtAshMfKTVE8l+AtIXM6sy
hPhLM/ROxwUY1XLo0uP1+w8YLs/gri1eDCygggOpMIIDpTCCA6EwggKJoAMCAQIC
AwqcEDANBgkqhkiG9w0BAQsFADBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2Vv
VHJ1c3QgSW5jLjEgMB4GA1UEAxMXUmFwaWRTU0wgU0hBMjU2IENBIC0gRzMwHhcN
MTYwNDIyMjAwOTI5WhcNMTcwNTIyMjAwOTI5WjAxMS8wLQYDVQQDEyZSYXBpZFNT
TCBTSEEyNTYgQ0EgLSBHMyBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAMeckHIh48+MrUXOuNlklnLmC45Wf20k1BDzSpSUbYvK
x2C44ggWHMoEBjJw8/6VaYYr2tKM6WWtmzGmRPgd7Ds1Jh3nJO+JvoRT8nIpIqgk
ekbMxjLs7jERYbGt0JZICzgpJDo1b1sXgXtrogrmi6KbP0MJyOkyTlvN1gcnmGxl
UWUdm7dNaVaV75kUj9BrTXx4vnVmiZRVtwxsA8Nx1zxBKXKGvFWLcL3+zPfqCUZI
dW62GEUlUJwcySIhLHi8omSxzULRcUZgvl0kwiBV85RI2YL4k+IBy3dWibRB28G/
lNbLtDI9ygx6Iye+91CKEn8nYEsAhe/H4jlvTReOwmkCAwEAAaOBqzCBqDAfBgNV
HSMEGDAWgBTDnPP800YINLvORn+gfFvz4gjLWTAPBgkrBgEFBQcwAQUEAgUAMB0G
A1UdDgQWBBQREkqOiX35FCmxvf6AJvy3XFVPhjATBgNVHSUEDDAKBggrBgEFBQcD
CTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAiBgNVHREEGzAZpBcwFTET
MBEGA1UEAxMKVEdWLU9GRi0xNDANBgkqhkiG9w0BAQsFAAOCAQEANpuZVjnwTWYY
jJjA6pjpP2slITFv4VEZv9QAhMRyicymwuCgkQYLlEUCWo/gAJU3MOtpf/5UluWv
H9R/bEMKTaGhjXnlZ8EiRbfHukxIM67gHG5wHoWWe4j1mzYEvB+4o2EHIPRiyvHh
KTd0oQO6H2VDwnvWYo+f47ZiDdIyFIwYnkM3Y0Dc+FzdmDB1RaBqaQ4jBuRKEglE
G9686H+yOSvTzUJs1H3Y4PXSrsqB/8rfG2KNUTN3p4JlfPzo727j8fL4133xFcVS
YuQLdlgdF8hDbO4ncJcHIaZ3BpgBUZzOiaVt1maR7ibp6G11HSuQrLyYHHSicqOr
Nq29ekkwFw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDoTCCAomgAwIBAgIDCpwQMA0GCSqGSIb3DQEBCwUAMEcxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdSYXBpZFNTTCBTSEEy
NTYgQ0EgLSBHMzAeFw0xNjA0MjIyMDA5MjlaFw0xNzA1MjIyMDA5MjlaMDExLzAt
BgNVBAMTJlJhcGlkU1NMIFNIQTI1NiBDQSAtIEczIE9DU1AgUmVzcG9uZGVyMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5yQciHjz4ytRc642WSWcuYL
jlZ/bSTUEPNKlJRti8rHYLjiCBYcygQGMnDz/pVphiva0ozpZa2bMaZE+B3sOzUm
Heck74m+hFPycikiqCR6RszGMuzuMRFhsa3QlkgLOCkkOjVvWxeBe2uiCuaLops/
QwnI6TJOW83WByeYbGVRZR2bt01pVpXvmRSP0GtNfHi+dWaJlFW3DGwDw3HXPEEp
coa8VYtwvf7M9+oJRkh1brYYRSVQnBzJIiEseLyiZLHNQtFxRmC+XSTCIFXzlEjZ
gviT4gHLd1aJtEHbwb+U1su0Mj3KDHojJ773UIoSfydgSwCF78fiOW9NF47CaQID
AQABo4GrMIGoMB8GA1UdIwQYMBaAFMOc8/zTRgg0u85Gf6B8W/PiCMtZMA8GCSsG
AQUFBzABBQQCBQAwHQYDVR0OBBYEFBESSo6JffkUKbG9/oAm/LdcVU+GMBMGA1Ud
JQQMMAoGCCsGAQUFBwMJMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMCIG
A1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTE0MA0GCSqGSIb3DQEBCwUA
A4IBAQA2m5lWOfBNZhiMmMDqmOk/ayUhMW/hURm/1ACExHKJzKbC4KCRBguURQJa
j+AAlTcw62l//lSW5a8f1H9sQwpNoaGNeeVnwSJFt8e6TEgzruAcbnAehZZ7iPWb
NgS8H7ijYQcg9GLK8eEpN3ShA7ofZUPCe9Zij5/jtmIN0jIUjBieQzdjQNz4XN2Y
MHVFoGppDiMG5EoSCUQb3rzof7I5K9PNQmzUfdjg9dKuyoH/yt8bYo1RM3engmV8
/OjvbuPx8vjXffEVxVJi5At2WB0XyENs7idwlwchpncGmAFRnM6JpW3WZpHuJuno
bXUdK5CsvJgcdKJyo6s2rb16STAX
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=431391, public, no-transform, must-revalidate]
Content-Length: [1399]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sun, 30 Apr 2017 12:57:46 GMT]
Expires: [Fri, 5 May 2017 12:47:37 GMT]
Last-Modified: [Fri, 28 Apr 2017 12:47:37 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-217-200-53.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://gv.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gv.symcd.com (GET)
Size: 1399 bytes (DER data)
Response time: 243.94026ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: RapidSSL SHA256 CA - G3 OCSP Responder
Issued by: RapidSSL SHA256 CA - G3
Signing certificate validity: 2016-04-22 - 2017-05-22
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 119h49m51s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-217-200-68.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

URL used for GET request

http:/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBRAC0Z68eay0wmDug1gfn5ZN0gkxAQUw5zz%2FNNGCDS7zkZ%2FoHxb8%2BIIy1kCAwUPBQ%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBRAC0Z68eay0wmDug1gfn5ZN0gkxAQUw5zz
/NNGCDS7zkZ/oHxb8+IIy1kCAwUPBQ==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFcwoBAKCCBWwwggVoBgkrBgEFBQcwAQEEggVZMIIFVTCBkaIWBBQREkqOiX35
FCmxvf6AJvy3XFVPhhgPMjAxNzA0MjgxMjQ3MzdaMGYwZDA8MAkGBSsOAwIaBQAE
FEALRnrx5rLTCYO6DWB+flk3SCTEBBTDnPP800YINLvORn+gfFvz4gjLWQIDBQ8F
gAAYDzIwMTcwNDI4MTI0NzM3WqARGA8yMDE3MDUwNTEyNDczN1owDQYJKoZIhvcN
AQEFBQADggEBAAK3SiFPIeK7loTO8pwBzYQerd9WoEMuiCTfITpI6Cu63hAIpIuY
xkyK4gjM8BkphL4hcy1HIE21QZIhB2T3S+h93sIbQ79vXIrgtA1CPlbnB0P7XArv
p9pBHWRpe1S5k2R2YtpH7/N5BpaEsptQpuU2nxAjRvtf8x8SdKqRvPJd24u8gizA
VH6uic2nMoaJpGCq1CnZdMXpcZHP5AX9NwwYcNI0R0c/tXu+ksKRdfRHXqSvgh1z
3SzdUe/oWrl6nfriLdzb/CdMRJYN/QNP+HLPOiLJsYWtAshMfKTVE8l+AtIXM6sy
hPhLM/ROxwUY1XLo0uP1+w8YLs/gri1eDCygggOpMIIDpTCCA6EwggKJoAMCAQIC
AwqcEDANBgkqhkiG9w0BAQsFADBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2Vv
VHJ1c3QgSW5jLjEgMB4GA1UEAxMXUmFwaWRTU0wgU0hBMjU2IENBIC0gRzMwHhcN
MTYwNDIyMjAwOTI5WhcNMTcwNTIyMjAwOTI5WjAxMS8wLQYDVQQDEyZSYXBpZFNT
TCBTSEEyNTYgQ0EgLSBHMyBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAMeckHIh48+MrUXOuNlklnLmC45Wf20k1BDzSpSUbYvK
x2C44ggWHMoEBjJw8/6VaYYr2tKM6WWtmzGmRPgd7Ds1Jh3nJO+JvoRT8nIpIqgk
ekbMxjLs7jERYbGt0JZICzgpJDo1b1sXgXtrogrmi6KbP0MJyOkyTlvN1gcnmGxl
UWUdm7dNaVaV75kUj9BrTXx4vnVmiZRVtwxsA8Nx1zxBKXKGvFWLcL3+zPfqCUZI
dW62GEUlUJwcySIhLHi8omSxzULRcUZgvl0kwiBV85RI2YL4k+IBy3dWibRB28G/
lNbLtDI9ygx6Iye+91CKEn8nYEsAhe/H4jlvTReOwmkCAwEAAaOBqzCBqDAfBgNV
HSMEGDAWgBTDnPP800YINLvORn+gfFvz4gjLWTAPBgkrBgEFBQcwAQUEAgUAMB0G
A1UdDgQWBBQREkqOiX35FCmxvf6AJvy3XFVPhjATBgNVHSUEDDAKBggrBgEFBQcD
CTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAiBgNVHREEGzAZpBcwFTET
MBEGA1UEAxMKVEdWLU9GRi0xNDANBgkqhkiG9w0BAQsFAAOCAQEANpuZVjnwTWYY
jJjA6pjpP2slITFv4VEZv9QAhMRyicymwuCgkQYLlEUCWo/gAJU3MOtpf/5UluWv
H9R/bEMKTaGhjXnlZ8EiRbfHukxIM67gHG5wHoWWe4j1mzYEvB+4o2EHIPRiyvHh
KTd0oQO6H2VDwnvWYo+f47ZiDdIyFIwYnkM3Y0Dc+FzdmDB1RaBqaQ4jBuRKEglE
G9686H+yOSvTzUJs1H3Y4PXSrsqB/8rfG2KNUTN3p4JlfPzo727j8fL4133xFcVS
YuQLdlgdF8hDbO4ncJcHIaZ3BpgBUZzOiaVt1maR7ibp6G11HSuQrLyYHHSicqOr
Nq29ekkwFw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDoTCCAomgAwIBAgIDCpwQMA0GCSqGSIb3DQEBCwUAMEcxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdSYXBpZFNTTCBTSEEy
NTYgQ0EgLSBHMzAeFw0xNjA0MjIyMDA5MjlaFw0xNzA1MjIyMDA5MjlaMDExLzAt
BgNVBAMTJlJhcGlkU1NMIFNIQTI1NiBDQSAtIEczIE9DU1AgUmVzcG9uZGVyMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5yQciHjz4ytRc642WSWcuYL
jlZ/bSTUEPNKlJRti8rHYLjiCBYcygQGMnDz/pVphiva0ozpZa2bMaZE+B3sOzUm
Heck74m+hFPycikiqCR6RszGMuzuMRFhsa3QlkgLOCkkOjVvWxeBe2uiCuaLops/
QwnI6TJOW83WByeYbGVRZR2bt01pVpXvmRSP0GtNfHi+dWaJlFW3DGwDw3HXPEEp
coa8VYtwvf7M9+oJRkh1brYYRSVQnBzJIiEseLyiZLHNQtFxRmC+XSTCIFXzlEjZ
gviT4gHLd1aJtEHbwb+U1su0Mj3KDHojJ773UIoSfydgSwCF78fiOW9NF47CaQID
AQABo4GrMIGoMB8GA1UdIwQYMBaAFMOc8/zTRgg0u85Gf6B8W/PiCMtZMA8GCSsG
AQUFBzABBQQCBQAwHQYDVR0OBBYEFBESSo6JffkUKbG9/oAm/LdcVU+GMBMGA1Ud
JQQMMAoGCCsGAQUFBwMJMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMCIG
A1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTE0MA0GCSqGSIb3DQEBCwUA
A4IBAQA2m5lWOfBNZhiMmMDqmOk/ayUhMW/hURm/1ACExHKJzKbC4KCRBguURQJa
j+AAlTcw62l//lSW5a8f1H9sQwpNoaGNeeVnwSJFt8e6TEgzruAcbnAehZZ7iPWb
NgS8H7ijYQcg9GLK8eEpN3ShA7ofZUPCe9Zij5/jtmIN0jIUjBieQzdjQNz4XN2Y
MHVFoGppDiMG5EoSCUQb3rzof7I5K9PNQmzUfdjg9dKuyoH/yt8bYo1RM3engmV8
/OjvbuPx8vjXffEVxVJi5At2WB0XyENs7idwlwchpncGmAFRnM6JpW3WZpHuJuno
bXUdK5CsvJgcdKJyo6s2rb16STAX
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=431391, public, no-transform, must-revalidate]
Content-Length: [1399]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sun, 30 Apr 2017 12:57:46 GMT]
Expires: [Fri, 5 May 2017 12:47:37 GMT]
Last-Modified: [Fri, 28 Apr 2017 12:47:37 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-217-200-68.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

RapidSSL SHA256 CA - G3 (CA Certificate)

Certificate details for RapidSSL SHA256 CA - G3 (At position 1 in certificate chain)
Serial number:
hex: 23a77
int: 146039
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://g.symcb.com/crls/gtglobal.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://g.symcb.com/crls/gtglobal.crl
Size: 665 bytes (DER data)
Response time: 244.273865ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 12

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-217-200-39.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Sun, 30 Apr 2017 12:57:47 GMT]
Etag: ["ca736a3a4c64c88b82602fe64aa4182d:1490382195"]
Last-Modified: [Fri, 24 Mar 2017 18:49:54 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a23-217-200-39.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://g.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g.symcd.com (POST)
Size: 1377 bytes (DER data)
Response time: 235.898967ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Global CA TGV OCSP Responder 5
Issued by: GeoTrust Global CA
Signing certificate validity: 2016-12-08 - 2017-12-14
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 150h18m45s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-217-200-68.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (A)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkq
w0GRtsnCuD5V8sCXEROgByACAwI6dw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFXQoBAKCCBVYwggVSBgkrBgEFBQcwAQEEggVDMIIFPzCBkaIWBBRW5FQnU+as
qXGB3YYiHprkenLEKhgPMjAxNzA0MjkxOTEyMDVaMGYwZDA8MAkGBSsOAwIaBQAE
FLG0OReQFreXeVAR8WC51KI82+3uBBQA+SrDQZG2ycK4PlXywJcRE6AHIAIDAjp3
gAAYDzIwMTcwNDI5MTkxMjA1WqARGA8yMDE3MDUwNjE5MTIwNVowDQYJKoZIhvcN
AQEFBQADggEBAIgY4cz6F5Bo/cQxqQOb0tn+PFBNwBvsPJSBwE8aB48QelH12wVB
0UjqdzAHQ39X63PybkBS5bKeGpWoLxAe2It0n/m5YI3nWUgg0LtEmt7/DUsVAp1I
iaiz79K64GikJXo/Au61cwqx+a2GGfUOqD6RvkSfffwzBdL1KAilTyyWDpoQjfJi
KDqplWUxKhla6VtbmRapjnDaEC0xUb5GyPEzlOzLV/8I9Z1g4AENCWJECA75sOQ7
FLqr7HkSZIZgkRCE31MM4rV7L5yTD8o4pQqlmUOW92AWAc86ca/g7ElvgNlkclgH
GB+pPSCOzVseGF8FVCS0hfD0qvPwsSRkB0SgggOTMIIDjzCCA4swggJzoAMCAQIC
EAEAAI8cK5YV9Xm5GF4OwmcwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2Jh
bCBDQTAeFw0xNjEyMDgxMTI1MzVaFw0xNzEyMTQxMTI1MzVaMDIxMDAuBgNVBAMT
J0dlb1RydXN0IEdsb2JhbCBDQSBUR1YgT0NTUCBSZXNwb25kZXIgNTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbsx72ex4lTCJDy3iHAy47zLOB03z8E
ucSDZIQMjk1A5aZfqz0MU5HHLOsi76EQo6uYR2R2rl9jgQ1EMbe0TidFyTrhse63
rmEyzQusz7sEjnsvckT7K/9j6DLmlFB/6oEhAgwfCONYbrDOfQHBCtd7e+x6STm0
WeKCF4/QqS+C5ZTUEzsNjhcAqeAMZnWEoyyJ6OpCiF9vDblCGa9nlh3SwW+nxKTq
qqiMlz9ZXN8//IHrectIKszEXXlpvtr4wJAz0KrUDfENqEbKNouP0fv1Ueno5Z7t
ue3CnHtCF+QxOQXDS3rKrQJcesKMrFC9+M5frbQuLSGz9ee/xCfnWW0CAwEAAaOB
jDCBiTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAPBgkrBgEFBQcw
AQUEAgUAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAMBgNV
HRMBAf8EAjAAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTU3MA0G
CSqGSIb3DQEBCwUAA4IBAQAEbWTM2eKR1XlWe9ui17q87Hk6NYXKQGwj/ss1ue8Q
1cnoA2/Mo1gG1Q/8LHJ97vK5yw65afq8M5mPbxdl/57jZTUF1kDmgEgvUde3O+h2
ZLIHPx1q2W2WDLT2ltYvaHaNr0Hnkb8MCQ27Z728Fsn5+Ilh/bDoA+NHEqlcfycq
oGKksT60iqnogUz/WZNUbzzBQD6NlpomMZUTOcF3/5L3Fe1OKkF1nGXW2QTW/mLZ
5Eviy4ZQTzQ34koPA5qC1nsWQ1zOE57jR8IJMC+mYQdFb71gehA8O0lB7fL6Kysj
zycnBkNHgJ9LQDd67gQ30FxfmbAnHV1xxWakX8lXTvIf
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQAQAAjxwrlhX1ebkYXg7CZzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE2MTIwODExMjUzNVoXDTE3MTIxNDExMjUz
NVowMjEwMC4GA1UEAxMnR2VvVHJ1c3QgR2xvYmFsIENBIFRHViBPQ1NQIFJlc3Bv
bmRlciA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuzHvZ7HiVMI
kPLeIcDLjvMs4HTfPwS5xINkhAyOTUDlpl+rPQxTkccs6yLvoRCjq5hHZHauX2OB
DUQxt7ROJ0XJOuGx7reuYTLNC6zPuwSOey9yRPsr/2PoMuaUUH/qgSECDB8I41hu
sM59AcEK13t77HpJObRZ4oIXj9CpL4LllNQTOw2OFwCp4AxmdYSjLIno6kKIX28N
uUIZr2eWHdLBb6fEpOqqqIyXP1lc3z/8get5y0gqzMRdeWm+2vjAkDPQqtQN8Q2o
Rso2i4/R+/VR6ejlnu257cKce0IX5DE5BcNLesqtAlx6woysUL34zl+ttC4tIbP1
57/EJ+dZbQIDAQABo4GMMIGJMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4
ysxOMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0P
AQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMT
ClRHVi1PRkYtNTcwDQYJKoZIhvcNAQELBQADggEBAARtZMzZ4pHVeVZ726LXurzs
eTo1hcpAbCP+yzW57xDVyegDb8yjWAbVD/wscn3u8rnLDrlp+rwzmY9vF2X/nuNl
NQXWQOaASC9R17c76HZksgc/HWrZbZYMtPaW1i9odo2vQeeRvwwJDbtnvbwWyfn4
iWH9sOgD40cSqVx/JyqgYqSxPrSKqeiBTP9Zk1RvPMFAPo2WmiYxlRM5wXf/kvcV
7U4qQXWcZdbZBNb+YtnkS+LLhlBPNDfiSg8DmoLWexZDXM4TnuNHwgkwL6ZhB0Vv
vWB6EDw7SUHt8vorKyPPJycGQ0eAn0tAN3ruBDfQXF+ZsCcdXXHFZqRfyVdO8h8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=541125, public, no-transform, must-revalidate]
Content-Length: [1377]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sun, 30 Apr 2017 12:57:46 GMT]
Expires: [Sat, 6 May 2017 19:12:05 GMT]
Last-Modified: [Sat, 29 Apr 2017 19:12:05 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-217-200-68.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (A)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 4m26s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://g.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g.symcd.com (GET)
Size: 1377 bytes (DER data)
Response time: 242.641911ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Global CA TGV OCSP Responder 5
Issued by: GeoTrust Global CA
Signing certificate validity: 2016-12-08 - 2017-12-14
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 150h18m54s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-217-200-68.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (A)

URL used for GET request

http:/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI6dw%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkq
w0GRtsnCuD5V8sCXEROgByACAwI6dw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFXQoBAKCCBVYwggVSBgkrBgEFBQcwAQEEggVDMIIFPzCBkaIWBBRW5FQnU+as
qXGB3YYiHprkenLEKhgPMjAxNzA0MjkxOTEyMDVaMGYwZDA8MAkGBSsOAwIaBQAE
FLG0OReQFreXeVAR8WC51KI82+3uBBQA+SrDQZG2ycK4PlXywJcRE6AHIAIDAjp3
gAAYDzIwMTcwNDI5MTkxMjA1WqARGA8yMDE3MDUwNjE5MTIwNVowDQYJKoZIhvcN
AQEFBQADggEBAIgY4cz6F5Bo/cQxqQOb0tn+PFBNwBvsPJSBwE8aB48QelH12wVB
0UjqdzAHQ39X63PybkBS5bKeGpWoLxAe2It0n/m5YI3nWUgg0LtEmt7/DUsVAp1I
iaiz79K64GikJXo/Au61cwqx+a2GGfUOqD6RvkSfffwzBdL1KAilTyyWDpoQjfJi
KDqplWUxKhla6VtbmRapjnDaEC0xUb5GyPEzlOzLV/8I9Z1g4AENCWJECA75sOQ7
FLqr7HkSZIZgkRCE31MM4rV7L5yTD8o4pQqlmUOW92AWAc86ca/g7ElvgNlkclgH
GB+pPSCOzVseGF8FVCS0hfD0qvPwsSRkB0SgggOTMIIDjzCCA4swggJzoAMCAQIC
EAEAAI8cK5YV9Xm5GF4OwmcwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2Jh
bCBDQTAeFw0xNjEyMDgxMTI1MzVaFw0xNzEyMTQxMTI1MzVaMDIxMDAuBgNVBAMT
J0dlb1RydXN0IEdsb2JhbCBDQSBUR1YgT0NTUCBSZXNwb25kZXIgNTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbsx72ex4lTCJDy3iHAy47zLOB03z8E
ucSDZIQMjk1A5aZfqz0MU5HHLOsi76EQo6uYR2R2rl9jgQ1EMbe0TidFyTrhse63
rmEyzQusz7sEjnsvckT7K/9j6DLmlFB/6oEhAgwfCONYbrDOfQHBCtd7e+x6STm0
WeKCF4/QqS+C5ZTUEzsNjhcAqeAMZnWEoyyJ6OpCiF9vDblCGa9nlh3SwW+nxKTq
qqiMlz9ZXN8//IHrectIKszEXXlpvtr4wJAz0KrUDfENqEbKNouP0fv1Ueno5Z7t
ue3CnHtCF+QxOQXDS3rKrQJcesKMrFC9+M5frbQuLSGz9ee/xCfnWW0CAwEAAaOB
jDCBiTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAPBgkrBgEFBQcw
AQUEAgUAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAMBgNV
HRMBAf8EAjAAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTU3MA0G
CSqGSIb3DQEBCwUAA4IBAQAEbWTM2eKR1XlWe9ui17q87Hk6NYXKQGwj/ss1ue8Q
1cnoA2/Mo1gG1Q/8LHJ97vK5yw65afq8M5mPbxdl/57jZTUF1kDmgEgvUde3O+h2
ZLIHPx1q2W2WDLT2ltYvaHaNr0Hnkb8MCQ27Z728Fsn5+Ilh/bDoA+NHEqlcfycq
oGKksT60iqnogUz/WZNUbzzBQD6NlpomMZUTOcF3/5L3Fe1OKkF1nGXW2QTW/mLZ
5Eviy4ZQTzQ34koPA5qC1nsWQ1zOE57jR8IJMC+mYQdFb71gehA8O0lB7fL6Kysj
zycnBkNHgJ9LQDd67gQ30FxfmbAnHV1xxWakX8lXTvIf
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQAQAAjxwrlhX1ebkYXg7CZzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE2MTIwODExMjUzNVoXDTE3MTIxNDExMjUz
NVowMjEwMC4GA1UEAxMnR2VvVHJ1c3QgR2xvYmFsIENBIFRHViBPQ1NQIFJlc3Bv
bmRlciA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuzHvZ7HiVMI
kPLeIcDLjvMs4HTfPwS5xINkhAyOTUDlpl+rPQxTkccs6yLvoRCjq5hHZHauX2OB
DUQxt7ROJ0XJOuGx7reuYTLNC6zPuwSOey9yRPsr/2PoMuaUUH/qgSECDB8I41hu
sM59AcEK13t77HpJObRZ4oIXj9CpL4LllNQTOw2OFwCp4AxmdYSjLIno6kKIX28N
uUIZr2eWHdLBb6fEpOqqqIyXP1lc3z/8get5y0gqzMRdeWm+2vjAkDPQqtQN8Q2o
Rso2i4/R+/VR6ejlnu257cKce0IX5DE5BcNLesqtAlx6woysUL34zl+ttC4tIbP1
57/EJ+dZbQIDAQABo4GMMIGJMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4
ysxOMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0P
AQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMT
ClRHVi1PRkYtNTcwDQYJKoZIhvcNAQELBQADggEBAARtZMzZ4pHVeVZ726LXurzs
eTo1hcpAbCP+yzW57xDVyegDb8yjWAbVD/wscn3u8rnLDrlp+rwzmY9vF2X/nuNl
NQXWQOaASC9R17c76HZksgc/HWrZbZYMtPaW1i9odo2vQeeRvwwJDbtnvbwWyfn4
iWH9sOgD40cSqVx/JyqgYqSxPrSKqeiBTP9Zk1RvPMFAPo2WmiYxlRM5wXf/kvcV
7U4qQXWcZdbZBNb+YtnkS+LLhlBPNDfiSg8DmoLWexZDXM4TnuNHwgkwL6ZhB0Vv
vWB6EDw7SUHt8vorKyPPJycGQ0eAn0tAN3ruBDfQXF+ZsCcdXXHFZqRfyVdO8h8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=541134, public, no-transform, must-revalidate]
Content-Length: [1377]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sun, 30 Apr 2017 12:57:47 GMT]
Expires: [Sat, 6 May 2017 19:12:05 GMT]
Last-Modified: [Sat, 29 Apr 2017 19:12:05 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-217-200-68.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (A)]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 4m36s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust Global CA (CA Certificate)

Certificate details for GeoTrust Global CA (At position 2 in certificate chain)
Serial number:
hex: 23456
int: 144470
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.