CRL & OCSP report for www.festo.com.cn (Festo AG & Co. KG)

www.festo.com.cn

Certificate details for www.festo.com.cn (At position 0 in certificate chain)
Serial number:
hex: 4f0b6daa8e8f3767a5fd018f1b7e8e1017e7e7cb
int: 451265132368930095292026896355205687319779076043
Issued by: Verizon Akamai SureServer CA G14-SHA1
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Festo AG & Co. KG
Organization unit: IT-MW
State / Province: Baden-Wuerttemberg
Locality: Esslingen
Country: DE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for www.festo.com.cn.

Certificate Revocation List (CRL)

This CRL was cached at
http://vassg141.crl.omniroot.com/vassg141.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://vassg141.crl.omniroot.com/vassg141.crl
Size: 1075 bytes (DER data)
Response time: 1.033970919s
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 14

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a63-130-164-103.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2-19674918) (S)

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=15290]
Content-Length: [1075]
Content-Type: [application/x-pkcs7-crl]
Date: [Sat, 29 Apr 2017 21:20:33 GMT]
Etag: ["a396b-433-54e549db194db"]
Expires: [Sun, 30 Apr 2017 01:35:23 GMT]
Last-Modified: [Sat, 29 Apr 2017 21:10:13 GMT]
Server: [Apache]
X-Cache: [TCP_REFRESH_MISS from a63-130-164-103.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2-19674918) (S)]
X-Cnection: [close]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://vassg141.ocsp.omniroot.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://vassg141.ocsp.omniroot.com (POST)
Size: 1746 bytes (DER data)
Response time: 1.267327338s
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: vassg141 OCSP Responder 2017
Issued by: Verizon Akamai SureServer CA G14-SHA1
Signing certificate validity: 2017-03-10 - 2018-03-09
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:

Server and network information

Server Software: nginx
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a63-130-164-103.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2-19674918) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFUwUzBRME8wTTAJBgUrDgMCGgUABBS856ddZAq5lE7vDJmoUDW1u98SMAQU3WyA
fLq1MhelhEFA8NIEZhMvqZACFE8LbaqOjzdnpf0Bjxt+jhAX5+fL
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGzgoBAKCCBscwggbDBgkrBgEFBQcwAQEEgga0MIIGsDCBoqIWBBSEnZpRMCXa
CgLFol7Gdiip7b+RPRgPMjAxNzA0MjkyMTIwMzRaMHcwdTBNMAkGBSsOAwIaBQAE
FLznp11kCrmUTu8MmahQNbW73xIwBBTdbIB8urUyF6WEQUDw0gRmEy+pkAIUTwtt
qo6PN2el/QGPG36OEBfn58uAABgPMjAxNzA0MjkyMTIwMzRaoBEYDzIwMTcwNTAz
MjEyMDM0WjANBgkqhkiG9w0BAQUFAAOCAQEAp+Jn0cEgNyTkMw+c2YZBvxJS5z//
Sx6b9JkNW/UsdMDNcNaX22naRq9NmCivRH77/JW8bNr/h4VwLPQjf7m1446OH7fq
GaIXf8oee2ZUW0nvSxgm8NkZEJFDACXRKR7Eq0Ij/r7MINTkPO97Z6EQe2qeJW6H
mRqa7Y4e17oWiiH1K+a8Onp9nIj/zzYq+e6X9/qqnooGTII7poTnqcKHr3DhDutA
FtqyuhN3RiMfer9VjexG4qPn7H9OQcQkIilbfkLaoZaIaAJQq9ZyOnZZqjDWsaGi
amx09UdBYUt9gxYpqj/iqWXZQAZEhv5RGZW54LuLoTiAzqaMMlBDZXFmwaCCBPMw
ggTvMIIE6zCCA9OgAwIBAgIUV1PzYbxk1CqaAvsFlJta5ci0grgwDQYJKoZIhvcN
AQEFBQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNV
BAoTHFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVy
dHJ1c3QxLjAsBgNVBAMTJVZlcml6b24gQWthbWFpIFN1cmVTZXJ2ZXIgQ0EgRzE0
LVNIQTEwHhcNMTcwMzEwMjAzNjE3WhcNMTgwMzA5MjAzNjE2WjCBhDELMAkGA1UE
BhMCTkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRl
cnByaXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMc
dmFzc2cxNDEgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALm1frnaZYxoqkQ5doyrLjhVQB1UJIzlQKgmIVmYuRUtWxBf
mhvgbc2GR8R9ecDbWilfURjjI+JwHAZiV4T+eGnGlgCwXA811BhJyhQnL0zs/+fW
KxAgQGEKnjpWUaAU2DTXfe1Knfkg1hliX+nOjfoUGwgqrgeOximv0pcWrQVFfOSM
vupPXY7+8VAiF8zLWiIiD9/kz+a4Nd1IUR9eAfqSNTnpaqDLcn5vPsbivcmWOhJO
xqCgDk0HdmWmTGiUJz+lcZk2DJpWe5B+96zUI7D+QpIKd0FW1UW/PJwJb34lOd+4
rlj1t+CzoYSXXzRVhdSikw5z2DscqceQ83tcasMCAwEAAaOCAUgwggFEMA8GCSsG
AQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwfgYIKwYB
BQUHAQEEcjBwMDYGCCsGAQUFBzAChipodHRwczovL2NhY2VydC5hLm9tbmlyb290
LmNvbS92YXNzZzE0MS5jcnQwNgYIKwYBBQUHMAKGKmh0dHBzOi8vY2FjZXJ0LmEu
b21uaXJvb3QuY29tL3Zhc3NnMTQxLmRlcjAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0l
BAwwCgYIKwYBBQUHAwkwHwYDVR0jBBgwFoAU3WyAfLq1MhelhEFA8NIEZhMvqZAw
HQYDVR0OBBYEFISdmlEwJdoKAsWiXsZ2KKntv5E9MA0GCSqGSIb3DQEBBQUAA4IB
AQBoNb+A7Bwh9sq+XpUpUlDDBbpzKPZAXFI29i0/yLM1PGuIBdDHtaAYf2RsTs1i
3o5SnRbIlgpabRPQXS4LvE4LHOZWDxsZO1UAz/uWD17gHR0PNcu+rjW5lDo/F+EX
PgOCjMptX+nppx59zI+eDOf5K6uFsWNA14aCSzzNqF5PhaW6Lo/bT9Ax/PfPyss9
t8ZGJ531x0n/9xU5JBfHaP2Bp11ko5MNSurVEPnlJDGZbqyeH98wFZEpAdWFe9oB
KqdQOWs6fFEwkp49YjY/xLHv7rrkh9of98ILOCzxMCbv3T1Z34v0G7gmxYejzZQs
k0wbLYUCsaam7gSZFL77pQxl
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUV1PzYbxk1CqaAvsFlJta5ci0grgwDQYJKoZIhvcNAQEF
BQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNVBAoT
HFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVydHJ1
c3QxLjAsBgNVBAMTJVZlcml6b24gQWthbWFpIFN1cmVTZXJ2ZXIgQ0EgRzE0LVNI
QTEwHhcNMTcwMzEwMjAzNjE3WhcNMTgwMzA5MjAzNjE2WjCBhDELMAkGA1UEBhMC
TkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRlcnBy
aXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMcdmFz
c2cxNDEgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALm1frnaZYxoqkQ5doyrLjhVQB1UJIzlQKgmIVmYuRUtWxBfmhvg
bc2GR8R9ecDbWilfURjjI+JwHAZiV4T+eGnGlgCwXA811BhJyhQnL0zs/+fWKxAg
QGEKnjpWUaAU2DTXfe1Knfkg1hliX+nOjfoUGwgqrgeOximv0pcWrQVFfOSMvupP
XY7+8VAiF8zLWiIiD9/kz+a4Nd1IUR9eAfqSNTnpaqDLcn5vPsbivcmWOhJOxqCg
Dk0HdmWmTGiUJz+lcZk2DJpWe5B+96zUI7D+QpIKd0FW1UW/PJwJb34lOd+4rlj1
t+CzoYSXXzRVhdSikw5z2DscqceQ83tcasMCAwEAAaOCAUgwggFEMA8GCSsGAQUF
BzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcCARYm
aHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwfgYIKwYBBQUH
AQEEcjBwMDYGCCsGAQUFBzAChipodHRwczovL2NhY2VydC5hLm9tbmlyb290LmNv
bS92YXNzZzE0MS5jcnQwNgYIKwYBBQUHMAKGKmh0dHBzOi8vY2FjZXJ0LmEub21u
aXJvb3QuY29tL3Zhc3NnMTQxLmRlcjAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAww
CgYIKwYBBQUHAwkwHwYDVR0jBBgwFoAU3WyAfLq1MhelhEFA8NIEZhMvqZAwHQYD
VR0OBBYEFISdmlEwJdoKAsWiXsZ2KKntv5E9MA0GCSqGSIb3DQEBBQUAA4IBAQBo
Nb+A7Bwh9sq+XpUpUlDDBbpzKPZAXFI29i0/yLM1PGuIBdDHtaAYf2RsTs1i3o5S
nRbIlgpabRPQXS4LvE4LHOZWDxsZO1UAz/uWD17gHR0PNcu+rjW5lDo/F+EXPgOC
jMptX+nppx59zI+eDOf5K6uFsWNA14aCSzzNqF5PhaW6Lo/bT9Ax/PfPyss9t8ZG
J531x0n/9xU5JBfHaP2Bp11ko5MNSurVEPnlJDGZbqyeH98wFZEpAdWFe9oBKqdQ
OWs6fFEwkp49YjY/xLHv7rrkh9of98ILOCzxMCbv3T1Z34v0G7gmxYejzZQsk0wb
LYUCsaam7gSZFL77pQxl
-----END CERTIFICATE-----

Raw OCSP response headers

Content-Length: [1746]
Content-Type: [application/ocsp-response]
Date: [Sat, 29 Apr 2017 21:20:34 GMT]
Server: [nginx]
X-Cache: [TCP_MISS from a63-130-164-103.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2-19674918) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://vassg141.ocsp.omniroot.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://vassg141.ocsp.omniroot.com (GET)
Size: 1746 bytes (DER data)
Response time: 1.983825378s
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: vassg141 OCSP Responder 2017
Issued by: Verizon Akamai SureServer CA G14-SHA1
Signing certificate validity: 2017-03-10 - 2018-03-09
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 94h25m51s

Server and network information

Server Software: nginx
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a63-130-164-103.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2-19674918) (-)

URL used for GET request

http:/MFUwUzBRME8wTTAJBgUrDgMCGgUABBS856ddZAq5lE7vDJmoUDW1u98SMAQU3WyAfLq1MhelhEFA8NIEZhMvqZACFE8LbaqOjzdnpf0Bjxt%2BjhAX5%2BfL

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFUwUzBRME8wTTAJBgUrDgMCGgUABBS856ddZAq5lE7vDJmoUDW1u98SMAQU3WyA
fLq1MhelhEFA8NIEZhMvqZACFE8LbaqOjzdnpf0Bjxt+jhAX5+fL
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGzgoBAKCCBscwggbDBgkrBgEFBQcwAQEEgga0MIIGsDCBoqIWBBSEnZpRMCXa
CgLFol7Gdiip7b+RPRgPMjAxNzA0MjkyMTIwMzRaMHcwdTBNMAkGBSsOAwIaBQAE
FLznp11kCrmUTu8MmahQNbW73xIwBBTdbIB8urUyF6WEQUDw0gRmEy+pkAIUTwtt
qo6PN2el/QGPG36OEBfn58uAABgPMjAxNzA0MjkyMTIwMzRaoBEYDzIwMTcwNTAz
MjEyMDM0WjANBgkqhkiG9w0BAQUFAAOCAQEAp+Jn0cEgNyTkMw+c2YZBvxJS5z//
Sx6b9JkNW/UsdMDNcNaX22naRq9NmCivRH77/JW8bNr/h4VwLPQjf7m1446OH7fq
GaIXf8oee2ZUW0nvSxgm8NkZEJFDACXRKR7Eq0Ij/r7MINTkPO97Z6EQe2qeJW6H
mRqa7Y4e17oWiiH1K+a8Onp9nIj/zzYq+e6X9/qqnooGTII7poTnqcKHr3DhDutA
FtqyuhN3RiMfer9VjexG4qPn7H9OQcQkIilbfkLaoZaIaAJQq9ZyOnZZqjDWsaGi
amx09UdBYUt9gxYpqj/iqWXZQAZEhv5RGZW54LuLoTiAzqaMMlBDZXFmwaCCBPMw
ggTvMIIE6zCCA9OgAwIBAgIUV1PzYbxk1CqaAvsFlJta5ci0grgwDQYJKoZIhvcN
AQEFBQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNV
BAoTHFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVy
dHJ1c3QxLjAsBgNVBAMTJVZlcml6b24gQWthbWFpIFN1cmVTZXJ2ZXIgQ0EgRzE0
LVNIQTEwHhcNMTcwMzEwMjAzNjE3WhcNMTgwMzA5MjAzNjE2WjCBhDELMAkGA1UE
BhMCTkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRl
cnByaXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMc
dmFzc2cxNDEgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALm1frnaZYxoqkQ5doyrLjhVQB1UJIzlQKgmIVmYuRUtWxBf
mhvgbc2GR8R9ecDbWilfURjjI+JwHAZiV4T+eGnGlgCwXA811BhJyhQnL0zs/+fW
KxAgQGEKnjpWUaAU2DTXfe1Knfkg1hliX+nOjfoUGwgqrgeOximv0pcWrQVFfOSM
vupPXY7+8VAiF8zLWiIiD9/kz+a4Nd1IUR9eAfqSNTnpaqDLcn5vPsbivcmWOhJO
xqCgDk0HdmWmTGiUJz+lcZk2DJpWe5B+96zUI7D+QpIKd0FW1UW/PJwJb34lOd+4
rlj1t+CzoYSXXzRVhdSikw5z2DscqceQ83tcasMCAwEAAaOCAUgwggFEMA8GCSsG
AQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwfgYIKwYB
BQUHAQEEcjBwMDYGCCsGAQUFBzAChipodHRwczovL2NhY2VydC5hLm9tbmlyb290
LmNvbS92YXNzZzE0MS5jcnQwNgYIKwYBBQUHMAKGKmh0dHBzOi8vY2FjZXJ0LmEu
b21uaXJvb3QuY29tL3Zhc3NnMTQxLmRlcjAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0l
BAwwCgYIKwYBBQUHAwkwHwYDVR0jBBgwFoAU3WyAfLq1MhelhEFA8NIEZhMvqZAw
HQYDVR0OBBYEFISdmlEwJdoKAsWiXsZ2KKntv5E9MA0GCSqGSIb3DQEBBQUAA4IB
AQBoNb+A7Bwh9sq+XpUpUlDDBbpzKPZAXFI29i0/yLM1PGuIBdDHtaAYf2RsTs1i
3o5SnRbIlgpabRPQXS4LvE4LHOZWDxsZO1UAz/uWD17gHR0PNcu+rjW5lDo/F+EX
PgOCjMptX+nppx59zI+eDOf5K6uFsWNA14aCSzzNqF5PhaW6Lo/bT9Ax/PfPyss9
t8ZGJ531x0n/9xU5JBfHaP2Bp11ko5MNSurVEPnlJDGZbqyeH98wFZEpAdWFe9oB
KqdQOWs6fFEwkp49YjY/xLHv7rrkh9of98ILOCzxMCbv3T1Z34v0G7gmxYejzZQs
k0wbLYUCsaam7gSZFL77pQxl
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUV1PzYbxk1CqaAvsFlJta5ci0grgwDQYJKoZIhvcNAQEF
BQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNVBAoT
HFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVydHJ1
c3QxLjAsBgNVBAMTJVZlcml6b24gQWthbWFpIFN1cmVTZXJ2ZXIgQ0EgRzE0LVNI
QTEwHhcNMTcwMzEwMjAzNjE3WhcNMTgwMzA5MjAzNjE2WjCBhDELMAkGA1UEBhMC
TkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRlcnBy
aXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMcdmFz
c2cxNDEgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALm1frnaZYxoqkQ5doyrLjhVQB1UJIzlQKgmIVmYuRUtWxBfmhvg
bc2GR8R9ecDbWilfURjjI+JwHAZiV4T+eGnGlgCwXA811BhJyhQnL0zs/+fWKxAg
QGEKnjpWUaAU2DTXfe1Knfkg1hliX+nOjfoUGwgqrgeOximv0pcWrQVFfOSMvupP
XY7+8VAiF8zLWiIiD9/kz+a4Nd1IUR9eAfqSNTnpaqDLcn5vPsbivcmWOhJOxqCg
Dk0HdmWmTGiUJz+lcZk2DJpWe5B+96zUI7D+QpIKd0FW1UW/PJwJb34lOd+4rlj1
t+CzoYSXXzRVhdSikw5z2DscqceQ83tcasMCAwEAAaOCAUgwggFEMA8GCSsGAQUF
BzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcCARYm
aHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwfgYIKwYBBQUH
AQEEcjBwMDYGCCsGAQUFBzAChipodHRwczovL2NhY2VydC5hLm9tbmlyb290LmNv
bS92YXNzZzE0MS5jcnQwNgYIKwYBBQUHMAKGKmh0dHBzOi8vY2FjZXJ0LmEub21u
aXJvb3QuY29tL3Zhc3NnMTQxLmRlcjAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAww
CgYIKwYBBQUHAwkwHwYDVR0jBBgwFoAU3WyAfLq1MhelhEFA8NIEZhMvqZAwHQYD
VR0OBBYEFISdmlEwJdoKAsWiXsZ2KKntv5E9MA0GCSqGSIb3DQEBBQUAA4IBAQBo
Nb+A7Bwh9sq+XpUpUlDDBbpzKPZAXFI29i0/yLM1PGuIBdDHtaAYf2RsTs1i3o5S
nRbIlgpabRPQXS4LvE4LHOZWDxsZO1UAz/uWD17gHR0PNcu+rjW5lDo/F+EXPgOC
jMptX+nppx59zI+eDOf5K6uFsWNA14aCSzzNqF5PhaW6Lo/bT9Ax/PfPyss9t8ZG
J531x0n/9xU5JBfHaP2Bp11ko5MNSurVEPnlJDGZbqyeH98wFZEpAdWFe9oBKqdQ
OWs6fFEwkp49YjY/xLHv7rrkh9of98ILOCzxMCbv3T1Z34v0G7gmxYejzZQsk0wb
LYUCsaam7gSZFL77pQxl
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate, max-age=339951]
Content-Length: [1746]
Content-Type: [application/ocsp-response]
Date: [Sat, 29 Apr 2017 21:20:34 GMT]
Etag: ["fbd375bfa2a44914bf6e42c7f0df4ec1823dde2a"]
Expires: [Wed, 03 May 2017 19:46:25 GMT]
Last-Modified: [Sat, 29 Apr 2017 21:20:34 GMT]
Server: [nginx]
X-Cache: [TCP_MISS from a63-130-164-103.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2-19674918) (-)]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Verizon Akamai SureServer CA G14-SHA1 (CA Certificate)

Certificate details for Verizon Akamai SureServer CA G14-SHA1 (At position 1 in certificate chain)
Serial number:
hex: 727a46a
int: 120038506
Issued by: Baltimore CyberTrust Root
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Verizon Enterprise Solutions
Organization unit: Cybertrust
Locality: Amsterdam
Country: NL
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.