CRL & OCSP report for mypcis.dell.com (Dell USA L.P.)

mypcis.dell.com

Certificate details for mypcis.dell.com (At position 0 in certificate chain)
Serial number:
hex: 585f179daf44a04bbbeb77c8d23d535e2abee271
int: 504511815866237551038521969525935866086816670321
Issued by: Verizon Public SureServer CA G14-SHA2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Dell USA L.P.
Organization unit: Infrastructure Engineering and Operations
State / Province: TX
Locality: Round Rock
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for mypcis.dell.com.

Certificate Revocation List (CRL)

This CRL was cached at
http://vpssg142.crl.omniroot.com/vpssg142.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://vpssg142.crl.omniroot.com/vpssg142.crl
Size: 82722 bytes (DER data)
Response time: 833.695733ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 2086

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: ECS (lga/1376)
Cache Information: HIT

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=864000]
Content-Length: [82722]
Content-Type: [application/x-pkcs7-crl]
Date: [Sun, 30 Apr 2017 12:56:20 GMT]
Etag: ["a39db-14322-54e619ccd98f4"]
Expires: [Wed, 10 May 2017 12:56:20 GMT]
Last-Modified: [Sun, 30 Apr 2017 12:40:33 GMT]
Server: [ECS (lga/1376)]
X-Cache: [HIT]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is 196h24m15s before the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 196h24m15s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://vpssg142.ocsp.omniroot.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://vpssg142.ocsp.omniroot.com (POST)
Size: 1742 bytes (DER data)
Response time: 518.735855ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: vpssg142 OCSP Responder 2017
Issued by: Verizon Public SureServer CA G14-SHA2
Signing certificate validity: 2017-03-10 - 2018-03-09
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:

Server and network information

Server Software: nginx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFUwUzBRME8wTTAJBgUrDgMCGgUABBQMTgO+yzcKo2VaZokUXxSYAadGDgQU5C27
kQFlJh+0ej+jFSWkzoxEMzsCFFhfF52vRKBLu+t3yNI9U14qvuJx
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGygoBAKCCBsMwgga/BgkrBgEFBQcwAQEEggawMIIGrDCBoqIWBBQV1hjQCiEE
5dPT2//+nn1vbPLmaRgPMjAxNzA0MzAxMjU2MTlaMHcwdTBNMAkGBSsOAwIaBQAE
FAxOA77LNwqjZVpmiRRfFJgBp0YOBBTkLbuRAWUmH7R6P6MVJaTOjEQzOwIUWF8X
na9EoEu763fI0j1TXiq+4nGAABgPMjAxNzA0MzAxMjU2MTlaoBEYDzIwMTcwNTA0
MTI1NjE5WjANBgkqhkiG9w0BAQUFAAOCAQEAlPSH5fX9U7USNzxk4H4+kJ3ctWct
4AKlhRz/f/OUIv/ilOJ+IJZMfhYVYdpD1dpv0HO6usG2DXMJ0Rz7MJHt9AjMWMFF
46YZd+vxtARFdSVOvOEk0F2pvwDIQbcELldYjSa9tNu2h5Ux4VB1jLjI8ZLJn3os
dLGPe/sTZ3HQhZXsgR4sYt4OmLnWC/XsQnl6KpTbh5eNYAUJI61K9bV0ciGsJy37
vYDbuzHrgtFNs4DX0+S7UuELFLhMMt/SedX6nRf0auFund+IHZm5XA5qxJlz6tbp
M9cyXXEgKY2BwMIl6e5hqGtFZyETPO4Im+rBVDJwV7HBrTuncQ/kKbO1N6CCBO8w
ggTrMIIE5zCCA8+gAwIBAgIUX99HyczS1Kv0+/4usuUFjjocD6MwDQYJKoZIhvcN
AQELBQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNV
BAoTHFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVy
dHJ1c3QxLjAsBgNVBAMTJVZlcml6b24gUHVibGljIFN1cmVTZXJ2ZXIgQ0EgRzE0
LVNIQTIwHhcNMTcwMzEwMjE0NzI1WhcNMTgwMzA5MjE0NzI1WjCBhDELMAkGA1UE
BhMCTkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRl
cnByaXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMc
dnBzc2cxNDIgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTzWf0f5sjsD2RwHmG+PAtxKrpp+jNoiXFghK77lBGDoKDU
C2BJbnj2ZLDIW+GbQ+S5iWWgj5kI4irxSG8hTLTOXNXePbQbZatX4Ga61t/XkmYB
IEs605kda3eAmiQ+1Y1YG1tX9a4WZ+J49fFkmIC1TLak7BakK1Ri93zKUeohnung
Bks+W+bhODhrwJEg8YJF6boeKf5h2Y3WvL2e+t5xcMlp5v/azQGRS1K60ZiLhcGN
9v4MO7ZTwPu7Rj9RX4jPs9pcFWXaA5Jd0Kcd4U1zgjBG+9J5sy9L6L9HzIhi7jaA
YDbBjf9o5Sdk9Ol2stMP+oIaxnuFXSARAXGvcqECAwEAAaOCAUQwggFAMA8GCSsG
AQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwegYIKwYB
BQUHAQEEbjBsMDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9vdC5j
b20vdnBzc2cxNDIuY3J0MDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5p
cm9vdC5jb20vdnBzc2cxNDIuZGVyMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAK
BggrBgEFBQcDCTAfBgNVHSMEGDAWgBTkLbuRAWUmH7R6P6MVJaTOjEQzOzAdBgNV
HQ4EFgQUFdYY0AohBOXT09v//p59b2zy5mkwDQYJKoZIhvcNAQELBQADggEBAKNj
wEL3lv6UzP742AzVIYivmNh00VIVAApN+u7E0KrYwfNmjTC8oyfQbm0g3txjb1L4
+WvhqkRfuEBuJcbBiyvVxSooPHs8W6jHs0yVsLFS+7nPhSIwzITYBjlOVbhaaP6A
qxgH3ChTyPjisdWRtNnjlO6X/JPLj3YHNZ7cxBBmCahQiDb7ETiZ+N0UFBnqETIE
7CLIXjUEsNh6EdidjWTvgBrdV/kRWp5Ma+Qj6V+vhnAtOjzllbBxkJIGGKtYJ2my
RIOqU6u793KNuFn7xlwJiYdoVRlPIUuwu3b/8sd1IvCpuLO87jfxvzHAA62qXcph
mVmC6dgmjpNzPXgmx2M=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUX99HyczS1Kv0+/4usuUFjjocD6MwDQYJKoZIhvcNAQEL
BQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNVBAoT
HFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVydHJ1
c3QxLjAsBgNVBAMTJVZlcml6b24gUHVibGljIFN1cmVTZXJ2ZXIgQ0EgRzE0LVNI
QTIwHhcNMTcwMzEwMjE0NzI1WhcNMTgwMzA5MjE0NzI1WjCBhDELMAkGA1UEBhMC
TkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRlcnBy
aXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMcdnBz
c2cxNDIgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMTzWf0f5sjsD2RwHmG+PAtxKrpp+jNoiXFghK77lBGDoKDUC2BJ
bnj2ZLDIW+GbQ+S5iWWgj5kI4irxSG8hTLTOXNXePbQbZatX4Ga61t/XkmYBIEs6
05kda3eAmiQ+1Y1YG1tX9a4WZ+J49fFkmIC1TLak7BakK1Ri93zKUeohnungBks+
W+bhODhrwJEg8YJF6boeKf5h2Y3WvL2e+t5xcMlp5v/azQGRS1K60ZiLhcGN9v4M
O7ZTwPu7Rj9RX4jPs9pcFWXaA5Jd0Kcd4U1zgjBG+9J5sy9L6L9HzIhi7jaAYDbB
jf9o5Sdk9Ol2stMP+oIaxnuFXSARAXGvcqECAwEAAaOCAUQwggFAMA8GCSsGAQUF
BzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcCARYm
aHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwegYIKwYBBQUH
AQEEbjBsMDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9vdC5jb20v
dnBzc2cxNDIuY3J0MDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9v
dC5jb20vdnBzc2cxNDIuZGVyMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggr
BgEFBQcDCTAfBgNVHSMEGDAWgBTkLbuRAWUmH7R6P6MVJaTOjEQzOzAdBgNVHQ4E
FgQUFdYY0AohBOXT09v//p59b2zy5mkwDQYJKoZIhvcNAQELBQADggEBAKNjwEL3
lv6UzP742AzVIYivmNh00VIVAApN+u7E0KrYwfNmjTC8oyfQbm0g3txjb1L4+Wvh
qkRfuEBuJcbBiyvVxSooPHs8W6jHs0yVsLFS+7nPhSIwzITYBjlOVbhaaP6AqxgH
3ChTyPjisdWRtNnjlO6X/JPLj3YHNZ7cxBBmCahQiDb7ETiZ+N0UFBnqETIE7CLI
XjUEsNh6EdidjWTvgBrdV/kRWp5Ma+Qj6V+vhnAtOjzllbBxkJIGGKtYJ2myRIOq
U6u793KNuFn7xlwJiYdoVRlPIUuwu3b/8sd1IvCpuLO87jfxvzHAA62qXcphmVmC
6dgmjpNzPXgmx2M=
-----END CERTIFICATE-----

Raw OCSP response headers

Content-Length: [1742]
Content-Type: [application/ocsp-response]
Date: [Sun, 30 Apr 2017 12:56:19 GMT]
Server: [nginx]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://vpssg142.ocsp.omniroot.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://vpssg142.ocsp.omniroot.com (GET)
Size: 1742 bytes (DER data)
Response time: 532.042194ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: vpssg142 OCSP Responder 2017
Issued by: Verizon Public SureServer CA G14-SHA2
Signing certificate validity: 2017-03-10 - 2018-03-09
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 94h26m40s

Server and network information

Server Software: nginx

URL used for GET request

http:/MFUwUzBRME8wTTAJBgUrDgMCGgUABBQMTgO%2ByzcKo2VaZokUXxSYAadGDgQU5C27kQFlJh%2B0ej%2BjFSWkzoxEMzsCFFhfF52vRKBLu%2Bt3yNI9U14qvuJx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFUwUzBRME8wTTAJBgUrDgMCGgUABBQMTgO+yzcKo2VaZokUXxSYAadGDgQU5C27
kQFlJh+0ej+jFSWkzoxEMzsCFFhfF52vRKBLu+t3yNI9U14qvuJx
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGygoBAKCCBsMwgga/BgkrBgEFBQcwAQEEggawMIIGrDCBoqIWBBQV1hjQCiEE
5dPT2//+nn1vbPLmaRgPMjAxNzA0MzAxMjU2MTlaMHcwdTBNMAkGBSsOAwIaBQAE
FAxOA77LNwqjZVpmiRRfFJgBp0YOBBTkLbuRAWUmH7R6P6MVJaTOjEQzOwIUWF8X
na9EoEu763fI0j1TXiq+4nGAABgPMjAxNzA0MzAxMjU2MTlaoBEYDzIwMTcwNTA0
MTI1NjE5WjANBgkqhkiG9w0BAQUFAAOCAQEAlPSH5fX9U7USNzxk4H4+kJ3ctWct
4AKlhRz/f/OUIv/ilOJ+IJZMfhYVYdpD1dpv0HO6usG2DXMJ0Rz7MJHt9AjMWMFF
46YZd+vxtARFdSVOvOEk0F2pvwDIQbcELldYjSa9tNu2h5Ux4VB1jLjI8ZLJn3os
dLGPe/sTZ3HQhZXsgR4sYt4OmLnWC/XsQnl6KpTbh5eNYAUJI61K9bV0ciGsJy37
vYDbuzHrgtFNs4DX0+S7UuELFLhMMt/SedX6nRf0auFund+IHZm5XA5qxJlz6tbp
M9cyXXEgKY2BwMIl6e5hqGtFZyETPO4Im+rBVDJwV7HBrTuncQ/kKbO1N6CCBO8w
ggTrMIIE5zCCA8+gAwIBAgIUX99HyczS1Kv0+/4usuUFjjocD6MwDQYJKoZIhvcN
AQELBQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNV
BAoTHFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVy
dHJ1c3QxLjAsBgNVBAMTJVZlcml6b24gUHVibGljIFN1cmVTZXJ2ZXIgQ0EgRzE0
LVNIQTIwHhcNMTcwMzEwMjE0NzI1WhcNMTgwMzA5MjE0NzI1WjCBhDELMAkGA1UE
BhMCTkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRl
cnByaXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMc
dnBzc2cxNDIgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTzWf0f5sjsD2RwHmG+PAtxKrpp+jNoiXFghK77lBGDoKDU
C2BJbnj2ZLDIW+GbQ+S5iWWgj5kI4irxSG8hTLTOXNXePbQbZatX4Ga61t/XkmYB
IEs605kda3eAmiQ+1Y1YG1tX9a4WZ+J49fFkmIC1TLak7BakK1Ri93zKUeohnung
Bks+W+bhODhrwJEg8YJF6boeKf5h2Y3WvL2e+t5xcMlp5v/azQGRS1K60ZiLhcGN
9v4MO7ZTwPu7Rj9RX4jPs9pcFWXaA5Jd0Kcd4U1zgjBG+9J5sy9L6L9HzIhi7jaA
YDbBjf9o5Sdk9Ol2stMP+oIaxnuFXSARAXGvcqECAwEAAaOCAUQwggFAMA8GCSsG
AQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwegYIKwYB
BQUHAQEEbjBsMDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9vdC5j
b20vdnBzc2cxNDIuY3J0MDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5p
cm9vdC5jb20vdnBzc2cxNDIuZGVyMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAK
BggrBgEFBQcDCTAfBgNVHSMEGDAWgBTkLbuRAWUmH7R6P6MVJaTOjEQzOzAdBgNV
HQ4EFgQUFdYY0AohBOXT09v//p59b2zy5mkwDQYJKoZIhvcNAQELBQADggEBAKNj
wEL3lv6UzP742AzVIYivmNh00VIVAApN+u7E0KrYwfNmjTC8oyfQbm0g3txjb1L4
+WvhqkRfuEBuJcbBiyvVxSooPHs8W6jHs0yVsLFS+7nPhSIwzITYBjlOVbhaaP6A
qxgH3ChTyPjisdWRtNnjlO6X/JPLj3YHNZ7cxBBmCahQiDb7ETiZ+N0UFBnqETIE
7CLIXjUEsNh6EdidjWTvgBrdV/kRWp5Ma+Qj6V+vhnAtOjzllbBxkJIGGKtYJ2my
RIOqU6u793KNuFn7xlwJiYdoVRlPIUuwu3b/8sd1IvCpuLO87jfxvzHAA62qXcph
mVmC6dgmjpNzPXgmx2M=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUX99HyczS1Kv0+/4usuUFjjocD6MwDQYJKoZIhvcNAQEL
BQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNVBAoT
HFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVydHJ1
c3QxLjAsBgNVBAMTJVZlcml6b24gUHVibGljIFN1cmVTZXJ2ZXIgQ0EgRzE0LVNI
QTIwHhcNMTcwMzEwMjE0NzI1WhcNMTgwMzA5MjE0NzI1WjCBhDELMAkGA1UEBhMC
TkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRlcnBy
aXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMcdnBz
c2cxNDIgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMTzWf0f5sjsD2RwHmG+PAtxKrpp+jNoiXFghK77lBGDoKDUC2BJ
bnj2ZLDIW+GbQ+S5iWWgj5kI4irxSG8hTLTOXNXePbQbZatX4Ga61t/XkmYBIEs6
05kda3eAmiQ+1Y1YG1tX9a4WZ+J49fFkmIC1TLak7BakK1Ri93zKUeohnungBks+
W+bhODhrwJEg8YJF6boeKf5h2Y3WvL2e+t5xcMlp5v/azQGRS1K60ZiLhcGN9v4M
O7ZTwPu7Rj9RX4jPs9pcFWXaA5Jd0Kcd4U1zgjBG+9J5sy9L6L9HzIhi7jaAYDbB
jf9o5Sdk9Ol2stMP+oIaxnuFXSARAXGvcqECAwEAAaOCAUQwggFAMA8GCSsGAQUF
BzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcCARYm
aHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwegYIKwYBBQUH
AQEEbjBsMDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9vdC5jb20v
dnBzc2cxNDIuY3J0MDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9v
dC5jb20vdnBzc2cxNDIuZGVyMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggr
BgEFBQcDCTAfBgNVHSMEGDAWgBTkLbuRAWUmH7R6P6MVJaTOjEQzOzAdBgNVHQ4E
FgQUFdYY0AohBOXT09v//p59b2zy5mkwDQYJKoZIhvcNAQELBQADggEBAKNjwEL3
lv6UzP742AzVIYivmNh00VIVAApN+u7E0KrYwfNmjTC8oyfQbm0g3txjb1L4+Wvh
qkRfuEBuJcbBiyvVxSooPHs8W6jHs0yVsLFS+7nPhSIwzITYBjlOVbhaaP6AqxgH
3ChTyPjisdWRtNnjlO6X/JPLj3YHNZ7cxBBmCahQiDb7ETiZ+N0UFBnqETIE7CLI
XjUEsNh6EdidjWTvgBrdV/kRWp5Ma+Qj6V+vhnAtOjzllbBxkJIGGKtYJ2myRIOq
U6u793KNuFn7xlwJiYdoVRlPIUuwu3b/8sd1IvCpuLO87jfxvzHAA62qXcphmVmC
6dgmjpNzPXgmx2M=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=340000,public,no-transform,must-revalidate]
Content-Length: [1742]
Content-Type: [application/ocsp-response]
Date: [Sun, 30 Apr 2017 12:56:19 GMT]
Etag: ["c90771177367e3fd7ecf0a8f202273bf2bc4f144"]
Expires: [Thu, 04 May 2017 12:56:19 GMT]
Last-Modified: [Sun, 30 Apr 2017 12:56:19 GMT]
Server: [nginx]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Verizon Public SureServer CA G14-SHA2 (CA Certificate)

Certificate details for Verizon Public SureServer CA G14-SHA2 (At position 1 in certificate chain)
Serial number:
hex: 727a661
int: 120039009
Issued by: Baltimore CyberTrust Root
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Verizon Enterprise Solutions
Organization unit: Cybertrust
Locality: Amsterdam
Country: NL
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://cdp1.public-trust.com/CRL/Omniroot2025.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://cdp1.public-trust.com/CRL/Omniroot2025.crl
Size: 3635 bytes (DER data)
Response time: 39.726041ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 120

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: ECS (lga/1390)
Cache Information: HIT

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Length: [3635]
Content-Type: [application/x-pkcs7-crl]
Date: [Sun, 30 Apr 2017 12:56:19 GMT]
Etag: ["200da-e33-54e050e128eef"]
Last-Modified: [Tue, 25 Apr 2017 22:15:01 GMT]
Server: [ECS (lga/1390)]
X-Cache: [HIT]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.omniroot.com/baltimoreroot (POST)Revoked

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.omniroot.com/baltimoreroot (POST)
Size: 3434 bytes (DER data)
Response time: 37.893735ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Cybertrust Validation 2015
Issued by: Baltimore CyberTrust Root
Signing certificate validity: 2015-09-09 - 2017-09-09
Signing certificate algorithm: SHA1-RSA
Reported statuses: 20
This update:
Next update:
Produced at:
Status: Revoked

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: ECS (lga/137D)
Cache Information: HIT

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEUwQzBBMD8wPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1Z
MIJHWMys+ghUNoZ7OrUETfACBAcnpmE=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIINZgoBAKCCDV8wgg1bBgkrBgEFBQcwAQEEgg1MMIINSDCCCJ+iFgQUYDu7bOx1
Wh6ta6BG5gRefEHPVGIYDzIwMTcwNDI5MjAwNDQ2WjCCCHIwdjA9MAkGBSsOAwIa
BQAEFMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIE
ByemXqERGA8yMDE0MDQwOTE1NTYzOFoYDzIwMTcwNDI1MTYxMzM2WqARGA8yMDE3
MDcyMTE2MTMzNlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVnssF26ib+dgHjlI9QT
BBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemX4AAGA8yMDE3MDQyNTE2MTMzNlqg
ERgPMjAxNzA3MjExNjEzMzZaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/
nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmCAABgPMjAxNzA0MjUx
NjEzMzZaoBEYDzIwMTcwNzIxMTYxMzM2WjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0V
WeywXbqJv52AeOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZhgAAYDzIw
MTcwNDI1MTYxMzM2WqARGA8yMDE3MDcyMTE2MTMzNlowZTA9MAkGBSsOAwIaBQAE
FMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByem
YoAAGA8yMDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3MjExNjEzMzZaMGUwPTAJBgUr
DgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUE
TfACBAcnpmOAABgPMjAxNzA0MjUxNjEzMzZaoBEYDzIwMTcwNzIxMTYxMzM2WjBl
MD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJv52AeOUj1BMEFOWdWTCCR1jMrPoI
VDaGezq1BE3wAgQHJ6ZkgAAYDzIwMTcwNDI1MTYxMzM2WqARGA8yMDE3MDcyMTE2
MTMzNlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkw
gkdYzKz6CFQ2hns6tQRN8AIEByemZYAAGA8yMDE3MDQyNTE2MTMzNlqgERgPMjAx
NzA3MjExNjEzMzZaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPU
EwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmaAABgPMjAxNzA0MjUxNjEzMzZa
oBEYDzIwMTcwNzIxMTYxMzM2WjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJ
v52AeOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZngAAYDzIwMTcwNDI1
MTYxMzM2WqARGA8yMDE3MDcyMTE2MTMzNlowZTA9MAkGBSsOAwIaBQAEFMEvRXbt
FVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemaIAAGA8y
MDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3MjExNjEzMzZaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pmmhERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3
MjExNjEzMzZaMHYwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmqhERgPMjAxNjA2MDgyMTUzMzRaGA8y
MDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3MjExNjEzMzZaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pmuhERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3
MjExNjEzMzZaMHYwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmyhERgPMjAxNjExMDQyMTEwMjZaGA8y
MDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3MjExNjEzMzZaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pm2hERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3
MjExNjEzMzZaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpm6AABgPMjAxNzA0MjUxNjEzMzZaoBEY
DzIwMTcwNzIxMTYxMzM2WjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJv52A
eOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZvgAAYDzIwMTcwNDI1MTYx
MzM2WqARGA8yMDE3MDcyMTE2MTMzNlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVns
sF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemcIAAGA8yMDE3
MDQyNTE2MTMzNlqgERgPMjAxNzA3MjExNjEzMzZaMGUwPTAJBgUrDgMCGgUABBTB
L0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpnGA
ABgPMjAxNzA0MjUxNjEzMzZaoBEYDzIwMTcwNzIxMTYxMzM2WjANBgkqhkiG9w0B
AQUFAAOCAQEAbsPMKOQv1ZJfhMtDtYRgTmp7hwrApsUp/sRFA8m4wdVC2lPmUPOr
V3kw5ljpKos+a8frFjt7hvg5Ve2KfxLj+B6qJ537VAau1U+bzFcHpTzyei4ojxlQ
DK+71XYBCGr9UuLUoT+qwW4r1FPZ4we5Trv4xCZSE4A8KsUFFCk1TmockWhwXBRY
5KagYdktQD//ROjYnVNiTcg9yJzTc55qwW6wjIo/7KpRp9tKkWjTXr73VMA4H3R/
sQxPWgaOoh443tym0G+qhZB1xrzgA6AgI7Sf5+/SK7zQdy8qhfzgr3XYrSTtwd/a
zdsnupVyfOYRaEK12SQBFPtrDUmSmr84pKCCA40wggOJMIIDhTCCAm2gAwIBAgIE
ByfTTDANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFs
dGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUg
Q3liZXJUcnVzdCBSb290MB4XDTE1MDkwOTE3NDYwM1oXDTE3MDkwOTE3NDUzNlow
JTEjMCEGA1UEAxMaQ3liZXJ0cnVzdCBWYWxpZGF0aW9uIDIwMTUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUPwX7srkoRmK/GLKvR5MFtSCSEj3AxShM
xOZ3S9bBsjA07JRJhO670on3Q3+7BjGJWhKF+YWiDFUVJGL1ZtAfUGGT0AaZvVMb
i7Yj2alCpO6k+vn35KuzXlTMHUlQOAG/14mLgY0SlBFoOEdN3JwqtzTPTVCptr33
L0Q0bgI9WlRlSINCPWtPVMB2HAEyQEbSMkzLi0G0p4B5brg02fAX6w6uZlCnzP9M
oxT3Muh40Oj/ySTAvUBAoOWot3EyGKvGVWJ5ymUOBY4e7O5EDNSiF2xmhoyFQ7UZ
4n9aUH1P4tDAENvjN4Lvu21NCOJjo2e852qDXOw+4U8YneflR99BAgMBAAGjgYcw
gYQwDwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIH
gDATBgNVHSUEDDAKBggrBgEFBQcDCTAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2
hns6tQRN8DAdBgNVHQ4EFgQUYDu7bOx1Wh6ta6BG5gRefEHPVGIwDQYJKoZIhvcN
AQEFBQADggEBAHxd07D/YGvcbvnKj5X0no6nMM1BDVCzw048K/FfPikXw3lTvwFS
Vj8Wr7xVmML84JM0QlGspBLKTIBCQUTxYM9XSWR/C//rKhLNsTtagU2JidhLC/BT
kmzRZpFxvcGkuD4MYvDbZGz+Ly6n+cJIPLpGOYz5lPvIVpg0FMKd+k8Z7zWEpN3L
uy3swPVXlYDZgzTILNZrpc2vWQtSDw29BoHwBN+gnloX4ilqvXLrBcO+Blapcw5F
UWzxPG5IT+j9DNu6ltgDpUNJL01703KgyawUM7DS8H0UboAqgTydDfb/DhXDs2de
xEKelh5Qv1gXsOqXC7hkRbAIkQMC1xsrfbE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDhTCCAm2gAwIBAgIEByfTTDANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE1MDkwOTE3NDYwM1oX
DTE3MDkwOTE3NDUzNlowJTEjMCEGA1UEAxMaQ3liZXJ0cnVzdCBWYWxpZGF0aW9u
IDIwMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUPwX7srkoRmK/
GLKvR5MFtSCSEj3AxShMxOZ3S9bBsjA07JRJhO670on3Q3+7BjGJWhKF+YWiDFUV
JGL1ZtAfUGGT0AaZvVMbi7Yj2alCpO6k+vn35KuzXlTMHUlQOAG/14mLgY0SlBFo
OEdN3JwqtzTPTVCptr33L0Q0bgI9WlRlSINCPWtPVMB2HAEyQEbSMkzLi0G0p4B5
brg02fAX6w6uZlCnzP9MoxT3Muh40Oj/ySTAvUBAoOWot3EyGKvGVWJ5ymUOBY4e
7O5EDNSiF2xmhoyFQ7UZ4n9aUH1P4tDAENvjN4Lvu21NCOJjo2e852qDXOw+4U8Y
neflR99BAgMBAAGjgYcwgYQwDwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAA
MA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAfBgNVHSMEGDAW
gBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAdBgNVHQ4EFgQUYDu7bOx1Wh6ta6BG5gRe
fEHPVGIwDQYJKoZIhvcNAQEFBQADggEBAHxd07D/YGvcbvnKj5X0no6nMM1BDVCz
w048K/FfPikXw3lTvwFSVj8Wr7xVmML84JM0QlGspBLKTIBCQUTxYM9XSWR/C//r
KhLNsTtagU2JidhLC/BTkmzRZpFxvcGkuD4MYvDbZGz+Ly6n+cJIPLpGOYz5lPvI
Vpg0FMKd+k8Z7zWEpN3Luy3swPVXlYDZgzTILNZrpc2vWQtSDw29BoHwBN+gnloX
4ilqvXLrBcO+Blapcw5FUWzxPG5IT+j9DNu6ltgDpUNJL01703KgyawUM7DS8H0U
boAqgTydDfb/DhXDs2dexEKelh5Qv1gXsOqXC7hkRbAIkQMC1xsrfbE=
-----END CERTIFICATE-----

Raw OCSP response headers

Accept-Ranges: [bytes]
Content-Length: [3434]
Content-Type: [application/ocsp-response]
Date: [Sun, 30 Apr 2017 12:56:19 GMT]
Last-Modified: [Sat, 29 Apr 2017 20:14:01 GMT]
Server: [ECS (lga/137D)]
X-Cache: [HIT]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.omniroot.com/baltimoreroot (GET)Revoked

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.omniroot.com/baltimoreroot (GET)
Size: 3434 bytes (DER data)
Response time: 41.746433ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Cybertrust Validation 2015
Issued by: Baltimore CyberTrust Root
Signing certificate validity: 2015-09-09 - 2017-09-09
Signing certificate algorithm: SHA1-RSA
Reported statuses: 20
This update:
Next update:
Produced at:
Status: Revoked

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: ECS (lga/139D)
Cache Information: HIT

URL used for GET request

http:/baltimoreroot/MEUwQzBBMD8wPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACBAcnpmE%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEUwQzBBMD8wPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1Z
MIJHWMys+ghUNoZ7OrUETfACBAcnpmE=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIINZgoBAKCCDV8wgg1bBgkrBgEFBQcwAQEEgg1MMIINSDCCCJ+iFgQUYDu7bOx1
Wh6ta6BG5gRefEHPVGIYDzIwMTcwNDI3MjEwODQxWjCCCHIwdjA9MAkGBSsOAwIa
BQAEFMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIE
ByemXqERGA8yMDE0MDQwOTE1NTYzOFoYDzIwMTcwNDI1MTYxMzM2WqARGA8yMDE3
MDcyMTE2MTMzNlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVnssF26ib+dgHjlI9QT
BBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemX4AAGA8yMDE3MDQyNTE2MTMzNlqg
ERgPMjAxNzA3MjExNjEzMzZaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/
nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmCAABgPMjAxNzA0MjUx
NjEzMzZaoBEYDzIwMTcwNzIxMTYxMzM2WjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0V
WeywXbqJv52AeOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZhgAAYDzIw
MTcwNDI1MTYxMzM2WqARGA8yMDE3MDcyMTE2MTMzNlowZTA9MAkGBSsOAwIaBQAE
FMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByem
YoAAGA8yMDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3MjExNjEzMzZaMGUwPTAJBgUr
DgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUE
TfACBAcnpmOAABgPMjAxNzA0MjUxNjEzMzZaoBEYDzIwMTcwNzIxMTYxMzM2WjBl
MD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJv52AeOUj1BMEFOWdWTCCR1jMrPoI
VDaGezq1BE3wAgQHJ6ZkgAAYDzIwMTcwNDI1MTYxMzM2WqARGA8yMDE3MDcyMTE2
MTMzNlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkw
gkdYzKz6CFQ2hns6tQRN8AIEByemZYAAGA8yMDE3MDQyNTE2MTMzNlqgERgPMjAx
NzA3MjExNjEzMzZaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPU
EwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmaAABgPMjAxNzA0MjUxNjEzMzZa
oBEYDzIwMTcwNzIxMTYxMzM2WjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJ
v52AeOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZngAAYDzIwMTcwNDI1
MTYxMzM2WqARGA8yMDE3MDcyMTE2MTMzNlowZTA9MAkGBSsOAwIaBQAEFMEvRXbt
FVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemaIAAGA8y
MDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3MjExNjEzMzZaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pmmhERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3
MjExNjEzMzZaMHYwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmqhERgPMjAxNjA2MDgyMTUzMzRaGA8y
MDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3MjExNjEzMzZaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pmuhERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3
MjExNjEzMzZaMHYwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmyhERgPMjAxNjExMDQyMTEwMjZaGA8y
MDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3MjExNjEzMzZaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pm2hERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDQyNTE2MTMzNlqgERgPMjAxNzA3
MjExNjEzMzZaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpm6AABgPMjAxNzA0MjUxNjEzMzZaoBEY
DzIwMTcwNzIxMTYxMzM2WjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJv52A
eOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZvgAAYDzIwMTcwNDI1MTYx
MzM2WqARGA8yMDE3MDcyMTE2MTMzNlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVns
sF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemcIAAGA8yMDE3
MDQyNTE2MTMzNlqgERgPMjAxNzA3MjExNjEzMzZaMGUwPTAJBgUrDgMCGgUABBTB
L0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpnGA
ABgPMjAxNzA0MjUxNjEzMzZaoBEYDzIwMTcwNzIxMTYxMzM2WjANBgkqhkiG9w0B
AQUFAAOCAQEAOzPHbiIt9zw5Lu8pv6t9jFinEQQiM0jCFmT6zRvPQuslOnqTXg2L
7Ywpk7Jag5QMGGd1UkgkLIu24XAbb48HdE8d4w3TMq9l/qGY017S6Fgqya9eaGrV
hz0eP5HkYl0cz0fAGkBp+i7pPnq4CiyNMZ4YNIpkzbOXYyeG4T3sMqfSaLihSGDl
+Z8Fwdjxmwkw9MStaZj+J/3d8Pn+w/gQcvai4bRHm0xxoICaAqy3znlkfrPQajbW
SLcOAKNEzB0qkzYLTKorz2/Oj0W+oSSKZzdTKpnfXCtm2qtUcdZmAHljRKx8eUhD
bmnOsxq3h99GY/dVTrsIIbDyVciu4DsU5qCCA40wggOJMIIDhTCCAm2gAwIBAgIE
ByfTTDANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFs
dGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUg
Q3liZXJUcnVzdCBSb290MB4XDTE1MDkwOTE3NDYwM1oXDTE3MDkwOTE3NDUzNlow
JTEjMCEGA1UEAxMaQ3liZXJ0cnVzdCBWYWxpZGF0aW9uIDIwMTUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUPwX7srkoRmK/GLKvR5MFtSCSEj3AxShM
xOZ3S9bBsjA07JRJhO670on3Q3+7BjGJWhKF+YWiDFUVJGL1ZtAfUGGT0AaZvVMb
i7Yj2alCpO6k+vn35KuzXlTMHUlQOAG/14mLgY0SlBFoOEdN3JwqtzTPTVCptr33
L0Q0bgI9WlRlSINCPWtPVMB2HAEyQEbSMkzLi0G0p4B5brg02fAX6w6uZlCnzP9M
oxT3Muh40Oj/ySTAvUBAoOWot3EyGKvGVWJ5ymUOBY4e7O5EDNSiF2xmhoyFQ7UZ
4n9aUH1P4tDAENvjN4Lvu21NCOJjo2e852qDXOw+4U8YneflR99BAgMBAAGjgYcw
gYQwDwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIH
gDATBgNVHSUEDDAKBggrBgEFBQcDCTAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2
hns6tQRN8DAdBgNVHQ4EFgQUYDu7bOx1Wh6ta6BG5gRefEHPVGIwDQYJKoZIhvcN
AQEFBQADggEBAHxd07D/YGvcbvnKj5X0no6nMM1BDVCzw048K/FfPikXw3lTvwFS
Vj8Wr7xVmML84JM0QlGspBLKTIBCQUTxYM9XSWR/C//rKhLNsTtagU2JidhLC/BT
kmzRZpFxvcGkuD4MYvDbZGz+Ly6n+cJIPLpGOYz5lPvIVpg0FMKd+k8Z7zWEpN3L
uy3swPVXlYDZgzTILNZrpc2vWQtSDw29BoHwBN+gnloX4ilqvXLrBcO+Blapcw5F
UWzxPG5IT+j9DNu6ltgDpUNJL01703KgyawUM7DS8H0UboAqgTydDfb/DhXDs2de
xEKelh5Qv1gXsOqXC7hkRbAIkQMC1xsrfbE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDhTCCAm2gAwIBAgIEByfTTDANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE1MDkwOTE3NDYwM1oX
DTE3MDkwOTE3NDUzNlowJTEjMCEGA1UEAxMaQ3liZXJ0cnVzdCBWYWxpZGF0aW9u
IDIwMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUPwX7srkoRmK/
GLKvR5MFtSCSEj3AxShMxOZ3S9bBsjA07JRJhO670on3Q3+7BjGJWhKF+YWiDFUV
JGL1ZtAfUGGT0AaZvVMbi7Yj2alCpO6k+vn35KuzXlTMHUlQOAG/14mLgY0SlBFo
OEdN3JwqtzTPTVCptr33L0Q0bgI9WlRlSINCPWtPVMB2HAEyQEbSMkzLi0G0p4B5
brg02fAX6w6uZlCnzP9MoxT3Muh40Oj/ySTAvUBAoOWot3EyGKvGVWJ5ymUOBY4e
7O5EDNSiF2xmhoyFQ7UZ4n9aUH1P4tDAENvjN4Lvu21NCOJjo2e852qDXOw+4U8Y
neflR99BAgMBAAGjgYcwgYQwDwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAA
MA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAfBgNVHSMEGDAW
gBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAdBgNVHQ4EFgQUYDu7bOx1Wh6ta6BG5gRe
fEHPVGIwDQYJKoZIhvcNAQEFBQADggEBAHxd07D/YGvcbvnKj5X0no6nMM1BDVCz
w048K/FfPikXw3lTvwFSVj8Wr7xVmML84JM0QlGspBLKTIBCQUTxYM9XSWR/C//r
KhLNsTtagU2JidhLC/BTkmzRZpFxvcGkuD4MYvDbZGz+Ly6n+cJIPLpGOYz5lPvI
Vpg0FMKd+k8Z7zWEpN3Luy3swPVXlYDZgzTILNZrpc2vWQtSDw29BoHwBN+gnloX
4ilqvXLrBcO+Blapcw5FUWzxPG5IT+j9DNu6ltgDpUNJL01703KgyawUM7DS8H0U
boAqgTydDfb/DhXDs2dexEKelh5Qv1gXsOqXC7hkRbAIkQMC1xsrfbE=
-----END CERTIFICATE-----

Raw OCSP response headers

Accept-Ranges: [bytes]
Content-Length: [3434]
Content-Type: [application/ocsp-response]
Date: [Sun, 30 Apr 2017 12:56:19 GMT]
Last-Modified: [Thu, 27 Apr 2017 21:15:20 GMT]
Server: [ECS (lga/139D)]
X-Cache: [HIT]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Baltimore CyberTrust Root (CA Certificate)

Certificate details for Baltimore CyberTrust Root (At position 2 in certificate chain)
Serial number:
hex: 20000b9
int: 33554617
Issued by: Baltimore CyberTrust Root
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Baltimore
Organization unit: CyberTrust
Country: IE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.