CRL & OCSP report for mypcis.dell.com (Dell USA L.P.)

mypcis.dell.com

Certificate details for mypcis.dell.com (At position 0 in certificate chain)
Serial number:
hex: 585f179daf44a04bbbeb77c8d23d535e2abee271
int: 504511815866237551038521969525935866086816670321
Issued by: Verizon Public SureServer CA G14-SHA2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Dell USA L.P.
Organization unit: Infrastructure Engineering and Operations
State / Province: TX
Locality: Round Rock
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for mypcis.dell.com.

Certificate Revocation List (CRL)

This CRL was cached at
http://vpssg142.crl.omniroot.com/vpssg142.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://vpssg142.crl.omniroot.com/vpssg142.crl
Size: 96840 bytes (DER data)
Response time: 769.070632ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 2448

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: ECS (lga/1376)
Cache Information: HIT

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=864000]
Content-Length: [96840]
Content-Type: [application/x-pkcs7-crl]
Date: [Sun, 25 Jun 2017 22:48:00 GMT]
Etag: ["a397f-17a48-552d019e9082e"]
Expires: [Wed, 05 Jul 2017 22:48:00 GMT]
Last-Modified: [Sun, 25 Jun 2017 22:10:24 GMT]
Server: [ECS (lga/1376)]
X-Cache: [HIT]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is 196h31m23s before the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 196h31m23s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://vpssg142.ocsp.omniroot.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://vpssg142.ocsp.omniroot.com (GET)
Size: 1742 bytes (DER data)
Response time: 948.520894ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: vpssg142 OCSP Responder 2017
Issued by: Verizon Public SureServer CA G14-SHA2
Signing certificate validity: 2017-03-10 - 2018-03-09
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 94h26m40s

Server and network information

Server Software: nginx

URL used for GET request

http://vpssg142.ocsp.omniroot.com/MFUwUzBRME8wTTAJBgUrDgMCGgUABBQMTgO%2ByzcKo2VaZokUXxSYAadGDgQU5C27kQFlJh%2B0ej%2BjFSWkzoxEMzsCFFhfF52vRKBLu%2Bt3yNI9U14qvuJx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFUwUzBRME8wTTAJBgUrDgMCGgUABBQMTgO+yzcKo2VaZokUXxSYAadGDgQU5C27
kQFlJh+0ej+jFSWkzoxEMzsCFFhfF52vRKBLu+t3yNI9U14qvuJx
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGygoBAKCCBsMwgga/BgkrBgEFBQcwAQEEggawMIIGrDCBoqIWBBQV1hjQCiEE
5dPT2//+nn1vbPLmaRgPMjAxNzA2MjUyMjQ4MDBaMHcwdTBNMAkGBSsOAwIaBQAE
FAxOA77LNwqjZVpmiRRfFJgBp0YOBBTkLbuRAWUmH7R6P6MVJaTOjEQzOwIUWF8X
na9EoEu763fI0j1TXiq+4nGAABgPMjAxNzA2MjUyMjQ4MDBaoBEYDzIwMTcwNjI5
MjI0ODAwWjANBgkqhkiG9w0BAQUFAAOCAQEAke4dNuBaayD22BCE64jhEezBuHs9
loYY4CWr1Vb7Q2W9UEcc7EsVY6Y5zM6eyVNT6xJfRZ/WBEzIBEweaVs0dowVT9PU
AhAqj1hJcOxtsBjnIlYIGfFXo/ChKtD8FnAjFND5jZ/EJzVw9SSkgpOJ+qtctw/5
nPrA1DlQP1tCnXG4OUGi7byDEmWTSLCwIIgR8kbj96KL2+0hZz0oJZJaBSOXQcOU
OL/sF/gbRhplOgOS/8mqH0b/hACX9VrN4fAZaJi1+4GIQnshv/RSBpzzhKzm/DjO
ftcMr8TRP7Fptha/e7y/Idj8eYStEh+jeh9d0U63JGT0M/YJW/U2jGXqKKCCBO8w
ggTrMIIE5zCCA8+gAwIBAgIUX99HyczS1Kv0+/4usuUFjjocD6MwDQYJKoZIhvcN
AQELBQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNV
BAoTHFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVy
dHJ1c3QxLjAsBgNVBAMTJVZlcml6b24gUHVibGljIFN1cmVTZXJ2ZXIgQ0EgRzE0
LVNIQTIwHhcNMTcwMzEwMjE0NzI1WhcNMTgwMzA5MjE0NzI1WjCBhDELMAkGA1UE
BhMCTkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRl
cnByaXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMc
dnBzc2cxNDIgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTzWf0f5sjsD2RwHmG+PAtxKrpp+jNoiXFghK77lBGDoKDU
C2BJbnj2ZLDIW+GbQ+S5iWWgj5kI4irxSG8hTLTOXNXePbQbZatX4Ga61t/XkmYB
IEs605kda3eAmiQ+1Y1YG1tX9a4WZ+J49fFkmIC1TLak7BakK1Ri93zKUeohnung
Bks+W+bhODhrwJEg8YJF6boeKf5h2Y3WvL2e+t5xcMlp5v/azQGRS1K60ZiLhcGN
9v4MO7ZTwPu7Rj9RX4jPs9pcFWXaA5Jd0Kcd4U1zgjBG+9J5sy9L6L9HzIhi7jaA
YDbBjf9o5Sdk9Ol2stMP+oIaxnuFXSARAXGvcqECAwEAAaOCAUQwggFAMA8GCSsG
AQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwegYIKwYB
BQUHAQEEbjBsMDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9vdC5j
b20vdnBzc2cxNDIuY3J0MDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5p
cm9vdC5jb20vdnBzc2cxNDIuZGVyMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAK
BggrBgEFBQcDCTAfBgNVHSMEGDAWgBTkLbuRAWUmH7R6P6MVJaTOjEQzOzAdBgNV
HQ4EFgQUFdYY0AohBOXT09v//p59b2zy5mkwDQYJKoZIhvcNAQELBQADggEBAKNj
wEL3lv6UzP742AzVIYivmNh00VIVAApN+u7E0KrYwfNmjTC8oyfQbm0g3txjb1L4
+WvhqkRfuEBuJcbBiyvVxSooPHs8W6jHs0yVsLFS+7nPhSIwzITYBjlOVbhaaP6A
qxgH3ChTyPjisdWRtNnjlO6X/JPLj3YHNZ7cxBBmCahQiDb7ETiZ+N0UFBnqETIE
7CLIXjUEsNh6EdidjWTvgBrdV/kRWp5Ma+Qj6V+vhnAtOjzllbBxkJIGGKtYJ2my
RIOqU6u793KNuFn7xlwJiYdoVRlPIUuwu3b/8sd1IvCpuLO87jfxvzHAA62qXcph
mVmC6dgmjpNzPXgmx2M=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUX99HyczS1Kv0+/4usuUFjjocD6MwDQYJKoZIhvcNAQEL
BQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNVBAoT
HFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVydHJ1
c3QxLjAsBgNVBAMTJVZlcml6b24gUHVibGljIFN1cmVTZXJ2ZXIgQ0EgRzE0LVNI
QTIwHhcNMTcwMzEwMjE0NzI1WhcNMTgwMzA5MjE0NzI1WjCBhDELMAkGA1UEBhMC
TkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRlcnBy
aXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMcdnBz
c2cxNDIgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMTzWf0f5sjsD2RwHmG+PAtxKrpp+jNoiXFghK77lBGDoKDUC2BJ
bnj2ZLDIW+GbQ+S5iWWgj5kI4irxSG8hTLTOXNXePbQbZatX4Ga61t/XkmYBIEs6
05kda3eAmiQ+1Y1YG1tX9a4WZ+J49fFkmIC1TLak7BakK1Ri93zKUeohnungBks+
W+bhODhrwJEg8YJF6boeKf5h2Y3WvL2e+t5xcMlp5v/azQGRS1K60ZiLhcGN9v4M
O7ZTwPu7Rj9RX4jPs9pcFWXaA5Jd0Kcd4U1zgjBG+9J5sy9L6L9HzIhi7jaAYDbB
jf9o5Sdk9Ol2stMP+oIaxnuFXSARAXGvcqECAwEAAaOCAUQwggFAMA8GCSsGAQUF
BzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcCARYm
aHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwegYIKwYBBQUH
AQEEbjBsMDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9vdC5jb20v
dnBzc2cxNDIuY3J0MDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9v
dC5jb20vdnBzc2cxNDIuZGVyMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggr
BgEFBQcDCTAfBgNVHSMEGDAWgBTkLbuRAWUmH7R6P6MVJaTOjEQzOzAdBgNVHQ4E
FgQUFdYY0AohBOXT09v//p59b2zy5mkwDQYJKoZIhvcNAQELBQADggEBAKNjwEL3
lv6UzP742AzVIYivmNh00VIVAApN+u7E0KrYwfNmjTC8oyfQbm0g3txjb1L4+Wvh
qkRfuEBuJcbBiyvVxSooPHs8W6jHs0yVsLFS+7nPhSIwzITYBjlOVbhaaP6AqxgH
3ChTyPjisdWRtNnjlO6X/JPLj3YHNZ7cxBBmCahQiDb7ETiZ+N0UFBnqETIE7CLI
XjUEsNh6EdidjWTvgBrdV/kRWp5Ma+Qj6V+vhnAtOjzllbBxkJIGGKtYJ2myRIOq
U6u793KNuFn7xlwJiYdoVRlPIUuwu3b/8sd1IvCpuLO87jfxvzHAA62qXcphmVmC
6dgmjpNzPXgmx2M=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=340000,public,no-transform,must-revalidate]
Content-Length: [1742]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 22:48:00 GMT]
Etag: ["b92ec7ab87e02123dd82acd3c31a0e08c4f8d459"]
Expires: [Thu, 29 Jun 2017 22:48:00 GMT]
Last-Modified: [Sun, 25 Jun 2017 22:48:00 GMT]
Server: [nginx]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://vpssg142.ocsp.omniroot.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://vpssg142.ocsp.omniroot.com (POST)
Size: 1742 bytes (DER data)
Response time: 1.818907231s
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: vpssg142 OCSP Responder 2017
Issued by: Verizon Public SureServer CA G14-SHA2
Signing certificate validity: 2017-03-10 - 2018-03-09
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:

Server and network information

Server Software: nginx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFUwUzBRME8wTTAJBgUrDgMCGgUABBQMTgO+yzcKo2VaZokUXxSYAadGDgQU5C27
kQFlJh+0ej+jFSWkzoxEMzsCFFhfF52vRKBLu+t3yNI9U14qvuJx
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGygoBAKCCBsMwgga/BgkrBgEFBQcwAQEEggawMIIGrDCBoqIWBBQV1hjQCiEE
5dPT2//+nn1vbPLmaRgPMjAxNzA2MjUyMjQ4MDFaMHcwdTBNMAkGBSsOAwIaBQAE
FAxOA77LNwqjZVpmiRRfFJgBp0YOBBTkLbuRAWUmH7R6P6MVJaTOjEQzOwIUWF8X
na9EoEu763fI0j1TXiq+4nGAABgPMjAxNzA2MjUyMjQ4MDFaoBEYDzIwMTcwNjI5
MjI0ODAxWjANBgkqhkiG9w0BAQUFAAOCAQEAMujsiRYM/co0t+LumhFUzvnapWxe
IBC44v8MLM9VtPzZXYnM12mDF6FOEMnTWUS+5AqtqLvqXceRDL66mbExBvF0Or8m
EsBKKKqZwlRxsI3VbZQXlrzP2BX56WgcqRmc7xQsUbrKgFyX9bNLV/CBCMI6ukPG
5vr19Wjm5ech2lleLCiMfXD9sWLMiiCSLQgTNzQSVa9GsWheTfaPiOpzK1yQPOB0
pjMtKFXITyNUsZ+uE4MuE/PpQBYheqjUgfFXMYQ0P9cly934u5LJNegadkIinTtq
39E8DZVTvBFbDA+ifKC8INwAkJnoEhhJluWSNPGWKifpfRptR6DTGwRNBaCCBO8w
ggTrMIIE5zCCA8+gAwIBAgIUX99HyczS1Kv0+/4usuUFjjocD6MwDQYJKoZIhvcN
AQELBQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNV
BAoTHFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVy
dHJ1c3QxLjAsBgNVBAMTJVZlcml6b24gUHVibGljIFN1cmVTZXJ2ZXIgQ0EgRzE0
LVNIQTIwHhcNMTcwMzEwMjE0NzI1WhcNMTgwMzA5MjE0NzI1WjCBhDELMAkGA1UE
BhMCTkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRl
cnByaXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMc
dnBzc2cxNDIgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTzWf0f5sjsD2RwHmG+PAtxKrpp+jNoiXFghK77lBGDoKDU
C2BJbnj2ZLDIW+GbQ+S5iWWgj5kI4irxSG8hTLTOXNXePbQbZatX4Ga61t/XkmYB
IEs605kda3eAmiQ+1Y1YG1tX9a4WZ+J49fFkmIC1TLak7BakK1Ri93zKUeohnung
Bks+W+bhODhrwJEg8YJF6boeKf5h2Y3WvL2e+t5xcMlp5v/azQGRS1K60ZiLhcGN
9v4MO7ZTwPu7Rj9RX4jPs9pcFWXaA5Jd0Kcd4U1zgjBG+9J5sy9L6L9HzIhi7jaA
YDbBjf9o5Sdk9Ol2stMP+oIaxnuFXSARAXGvcqECAwEAAaOCAUQwggFAMA8GCSsG
AQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwegYIKwYB
BQUHAQEEbjBsMDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9vdC5j
b20vdnBzc2cxNDIuY3J0MDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5p
cm9vdC5jb20vdnBzc2cxNDIuZGVyMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAK
BggrBgEFBQcDCTAfBgNVHSMEGDAWgBTkLbuRAWUmH7R6P6MVJaTOjEQzOzAdBgNV
HQ4EFgQUFdYY0AohBOXT09v//p59b2zy5mkwDQYJKoZIhvcNAQELBQADggEBAKNj
wEL3lv6UzP742AzVIYivmNh00VIVAApN+u7E0KrYwfNmjTC8oyfQbm0g3txjb1L4
+WvhqkRfuEBuJcbBiyvVxSooPHs8W6jHs0yVsLFS+7nPhSIwzITYBjlOVbhaaP6A
qxgH3ChTyPjisdWRtNnjlO6X/JPLj3YHNZ7cxBBmCahQiDb7ETiZ+N0UFBnqETIE
7CLIXjUEsNh6EdidjWTvgBrdV/kRWp5Ma+Qj6V+vhnAtOjzllbBxkJIGGKtYJ2my
RIOqU6u793KNuFn7xlwJiYdoVRlPIUuwu3b/8sd1IvCpuLO87jfxvzHAA62qXcph
mVmC6dgmjpNzPXgmx2M=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUX99HyczS1Kv0+/4usuUFjjocD6MwDQYJKoZIhvcNAQEL
BQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNVBAoT
HFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVydHJ1
c3QxLjAsBgNVBAMTJVZlcml6b24gUHVibGljIFN1cmVTZXJ2ZXIgQ0EgRzE0LVNI
QTIwHhcNMTcwMzEwMjE0NzI1WhcNMTgwMzA5MjE0NzI1WjCBhDELMAkGA1UEBhMC
TkwxEjAQBgNVBAcTCUFtc3RlcmRhbTElMCMGA1UEChMcVmVyaXpvbiBFbnRlcnBy
aXNlIFNvbHV0aW9uczETMBEGA1UECxMKQ3liZXJ0cnVzdDElMCMGA1UEAxMcdnBz
c2cxNDIgT0NTUCBSZXNwb25kZXIgMjAxNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMTzWf0f5sjsD2RwHmG+PAtxKrpp+jNoiXFghK77lBGDoKDUC2BJ
bnj2ZLDIW+GbQ+S5iWWgj5kI4irxSG8hTLTOXNXePbQbZatX4Ga61t/XkmYBIEs6
05kda3eAmiQ+1Y1YG1tX9a4WZ+J49fFkmIC1TLak7BakK1Ri93zKUeohnungBks+
W+bhODhrwJEg8YJF6boeKf5h2Y3WvL2e+t5xcMlp5v/azQGRS1K60ZiLhcGN9v4M
O7ZTwPu7Rj9RX4jPs9pcFWXaA5Jd0Kcd4U1zgjBG+9J5sy9L6L9HzIhi7jaAYDbB
jf9o5Sdk9Ol2stMP+oIaxnuFXSARAXGvcqECAwEAAaOCAUQwggFAMA8GCSsGAQUF
BzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+AQAwNDAyBggrBgEFBQcCARYm
aHR0cHM6Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwegYIKwYBBQUH
AQEEbjBsMDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9vdC5jb20v
dnBzc2cxNDIuY3J0MDQGCCsGAQUFBzAChihodHRwczovL2NhY2VydC5vbW5pcm9v
dC5jb20vdnBzc2cxNDIuZGVyMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggr
BgEFBQcDCTAfBgNVHSMEGDAWgBTkLbuRAWUmH7R6P6MVJaTOjEQzOzAdBgNVHQ4E
FgQUFdYY0AohBOXT09v//p59b2zy5mkwDQYJKoZIhvcNAQELBQADggEBAKNjwEL3
lv6UzP742AzVIYivmNh00VIVAApN+u7E0KrYwfNmjTC8oyfQbm0g3txjb1L4+Wvh
qkRfuEBuJcbBiyvVxSooPHs8W6jHs0yVsLFS+7nPhSIwzITYBjlOVbhaaP6AqxgH
3ChTyPjisdWRtNnjlO6X/JPLj3YHNZ7cxBBmCahQiDb7ETiZ+N0UFBnqETIE7CLI
XjUEsNh6EdidjWTvgBrdV/kRWp5Ma+Qj6V+vhnAtOjzllbBxkJIGGKtYJ2myRIOq
U6u793KNuFn7xlwJiYdoVRlPIUuwu3b/8sd1IvCpuLO87jfxvzHAA62qXcphmVmC
6dgmjpNzPXgmx2M=
-----END CERTIFICATE-----

Raw OCSP response headers

Content-Length: [1742]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 22:48:01 GMT]
Server: [nginx]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Verizon Public SureServer CA G14-SHA2 (CA Certificate)

Certificate details for Verizon Public SureServer CA G14-SHA2 (At position 1 in certificate chain)
Serial number:
hex: 727a661
int: 120039009
Issued by: Baltimore CyberTrust Root
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Verizon Enterprise Solutions
Organization unit: Cybertrust
Locality: Amsterdam
Country: NL
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://cdp1.public-trust.com/CRL/Omniroot2025.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://cdp1.public-trust.com/CRL/Omniroot2025.crl
Size: 3869 bytes (DER data)
Response time: 4.474001ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 126

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: ECS (lga/1390)
Cache Information: HIT

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Length: [3869]
Content-Type: [application/x-pkcs7-crl]
Date: [Sun, 25 Jun 2017 22:48:00 GMT]
Etag: ["200c0-f1d-552672eafa7c0"]
Last-Modified: [Tue, 20 Jun 2017 17:00:01 GMT]
Server: [ECS (lga/1390)]
X-Cache: [HIT]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.omniroot.com/baltimoreroot (GET)Revoked

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.omniroot.com/baltimoreroot (GET)
Size: 3434 bytes (DER data)
Response time: 4.684875ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Cybertrust Validation 2015
Issued by: Baltimore CyberTrust Root
Signing certificate validity: 2015-09-09 - 2017-09-09
Signing certificate algorithm: SHA1-RSA
Reported statuses: 20
This update:
Next update:
Produced at:
Status: Revoked

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: ECS (lga/1361)
Cache Information: HIT

URL used for GET request

http://ocsp.omniroot.com/baltimoreroot/MEUwQzBBMD8wPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACBAcnpmE%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEUwQzBBMD8wPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1Z
MIJHWMys+ghUNoZ7OrUETfACBAcnpmE=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIINZgoBAKCCDV8wgg1bBgkrBgEFBQcwAQEEgg1MMIINSDCCCJ+iFgQUYDu7bOx1
Wh6ta6BG5gRefEHPVGIYDzIwMTcwNjIzMDEyMTEzWjCCCHIwdjA9MAkGBSsOAwIa
BQAEFMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIE
ByemXqERGA8yMDE0MDQwOTE1NTYzOFoYDzIwMTcwNjIwMTU1NTUyWqARGA8yMDE3
MDkxNTE1NTU1MlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVnssF26ib+dgHjlI9QT
BBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemX4AAGA8yMDE3MDYyMDE1NTU1Mlqg
ERgPMjAxNzA5MTUxNTU1NTJaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/
nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmCAABgPMjAxNzA2MjAx
NTU1NTJaoBEYDzIwMTcwOTE1MTU1NTUyWjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0V
WeywXbqJv52AeOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZhgAAYDzIw
MTcwNjIwMTU1NTUyWqARGA8yMDE3MDkxNTE1NTU1MlowZTA9MAkGBSsOAwIaBQAE
FMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByem
YoAAGA8yMDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5MTUxNTU1NTJaMGUwPTAJBgUr
DgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUE
TfACBAcnpmOAABgPMjAxNzA2MjAxNTU1NTJaoBEYDzIwMTcwOTE1MTU1NTUyWjBl
MD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJv52AeOUj1BMEFOWdWTCCR1jMrPoI
VDaGezq1BE3wAgQHJ6ZkgAAYDzIwMTcwNjIwMTU1NTUyWqARGA8yMDE3MDkxNTE1
NTU1MlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkw
gkdYzKz6CFQ2hns6tQRN8AIEByemZYAAGA8yMDE3MDYyMDE1NTU1MlqgERgPMjAx
NzA5MTUxNTU1NTJaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPU
EwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmaAABgPMjAxNzA2MjAxNTU1NTJa
oBEYDzIwMTcwOTE1MTU1NTUyWjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJ
v52AeOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZngAAYDzIwMTcwNjIw
MTU1NTUyWqARGA8yMDE3MDkxNTE1NTU1MlowZTA9MAkGBSsOAwIaBQAEFMEvRXbt
FVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemaIAAGA8y
MDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5MTUxNTU1NTJaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pmmhERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5
MTUxNTU1NTJaMHYwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmqhERgPMjAxNjA2MDgyMTUzMzRaGA8y
MDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5MTUxNTU1NTJaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pmuhERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5
MTUxNTU1NTJaMHYwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmyhERgPMjAxNjExMDQyMTEwMjZaGA8y
MDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5MTUxNTU1NTJaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pm2hERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5
MTUxNTU1NTJaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpm6AABgPMjAxNzA2MjAxNTU1NTJaoBEY
DzIwMTcwOTE1MTU1NTUyWjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJv52A
eOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZvgAAYDzIwMTcwNjIwMTU1
NTUyWqARGA8yMDE3MDkxNTE1NTU1MlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVns
sF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemcIAAGA8yMDE3
MDYyMDE1NTU1MlqgERgPMjAxNzA5MTUxNTU1NTJaMGUwPTAJBgUrDgMCGgUABBTB
L0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpnGA
ABgPMjAxNzA2MjAxNTU1NTJaoBEYDzIwMTcwOTE1MTU1NTUyWjANBgkqhkiG9w0B
AQUFAAOCAQEATMLljfDyuepDQ0qyDg9OPs/7WY/H2UYEDkaGFtOLSa3wK1TRqbMw
jYmewA6QfCPR7FUWRT9BPSvuKbLBQBOyUKpS5/g2UkYU/ABTRtY8UmJpw/OGycKF
6GYpPYmhN4b+vRJhijsPvHM2yRNenAcbjYC+t0XPyhhV+uujHfqQf0C4Fc5Pu74I
+njBGHBvMNFBFYWZjmlapLAfIt56UqEO874GtNIek/jLpn+4DE6zP7Atgpz0ssaK
pfBilV3Tscrhr2jkM05rWPl+Cad90gP7QaYqASYIb1vD4u1Grv6ycGrqxJ9BIuaU
N64ASEf7c2GYGopt0kcrLISHKCSTcjz8uaCCA40wggOJMIIDhTCCAm2gAwIBAgIE
ByfTTDANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFs
dGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUg
Q3liZXJUcnVzdCBSb290MB4XDTE1MDkwOTE3NDYwM1oXDTE3MDkwOTE3NDUzNlow
JTEjMCEGA1UEAxMaQ3liZXJ0cnVzdCBWYWxpZGF0aW9uIDIwMTUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUPwX7srkoRmK/GLKvR5MFtSCSEj3AxShM
xOZ3S9bBsjA07JRJhO670on3Q3+7BjGJWhKF+YWiDFUVJGL1ZtAfUGGT0AaZvVMb
i7Yj2alCpO6k+vn35KuzXlTMHUlQOAG/14mLgY0SlBFoOEdN3JwqtzTPTVCptr33
L0Q0bgI9WlRlSINCPWtPVMB2HAEyQEbSMkzLi0G0p4B5brg02fAX6w6uZlCnzP9M
oxT3Muh40Oj/ySTAvUBAoOWot3EyGKvGVWJ5ymUOBY4e7O5EDNSiF2xmhoyFQ7UZ
4n9aUH1P4tDAENvjN4Lvu21NCOJjo2e852qDXOw+4U8YneflR99BAgMBAAGjgYcw
gYQwDwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIH
gDATBgNVHSUEDDAKBggrBgEFBQcDCTAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2
hns6tQRN8DAdBgNVHQ4EFgQUYDu7bOx1Wh6ta6BG5gRefEHPVGIwDQYJKoZIhvcN
AQEFBQADggEBAHxd07D/YGvcbvnKj5X0no6nMM1BDVCzw048K/FfPikXw3lTvwFS
Vj8Wr7xVmML84JM0QlGspBLKTIBCQUTxYM9XSWR/C//rKhLNsTtagU2JidhLC/BT
kmzRZpFxvcGkuD4MYvDbZGz+Ly6n+cJIPLpGOYz5lPvIVpg0FMKd+k8Z7zWEpN3L
uy3swPVXlYDZgzTILNZrpc2vWQtSDw29BoHwBN+gnloX4ilqvXLrBcO+Blapcw5F
UWzxPG5IT+j9DNu6ltgDpUNJL01703KgyawUM7DS8H0UboAqgTydDfb/DhXDs2de
xEKelh5Qv1gXsOqXC7hkRbAIkQMC1xsrfbE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDhTCCAm2gAwIBAgIEByfTTDANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE1MDkwOTE3NDYwM1oX
DTE3MDkwOTE3NDUzNlowJTEjMCEGA1UEAxMaQ3liZXJ0cnVzdCBWYWxpZGF0aW9u
IDIwMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUPwX7srkoRmK/
GLKvR5MFtSCSEj3AxShMxOZ3S9bBsjA07JRJhO670on3Q3+7BjGJWhKF+YWiDFUV
JGL1ZtAfUGGT0AaZvVMbi7Yj2alCpO6k+vn35KuzXlTMHUlQOAG/14mLgY0SlBFo
OEdN3JwqtzTPTVCptr33L0Q0bgI9WlRlSINCPWtPVMB2HAEyQEbSMkzLi0G0p4B5
brg02fAX6w6uZlCnzP9MoxT3Muh40Oj/ySTAvUBAoOWot3EyGKvGVWJ5ymUOBY4e
7O5EDNSiF2xmhoyFQ7UZ4n9aUH1P4tDAENvjN4Lvu21NCOJjo2e852qDXOw+4U8Y
neflR99BAgMBAAGjgYcwgYQwDwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAA
MA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAfBgNVHSMEGDAW
gBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAdBgNVHQ4EFgQUYDu7bOx1Wh6ta6BG5gRe
fEHPVGIwDQYJKoZIhvcNAQEFBQADggEBAHxd07D/YGvcbvnKj5X0no6nMM1BDVCz
w048K/FfPikXw3lTvwFSVj8Wr7xVmML84JM0QlGspBLKTIBCQUTxYM9XSWR/C//r
KhLNsTtagU2JidhLC/BTkmzRZpFxvcGkuD4MYvDbZGz+Ly6n+cJIPLpGOYz5lPvI
Vpg0FMKd+k8Z7zWEpN3Luy3swPVXlYDZgzTILNZrpc2vWQtSDw29BoHwBN+gnloX
4ilqvXLrBcO+Blapcw5FUWzxPG5IT+j9DNu6ltgDpUNJL01703KgyawUM7DS8H0U
boAqgTydDfb/DhXDs2dexEKelh5Qv1gXsOqXC7hkRbAIkQMC1xsrfbE=
-----END CERTIFICATE-----

Raw OCSP response headers

Accept-Ranges: [bytes]
Content-Length: [3434]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 22:48:00 GMT]
Last-Modified: [Fri, 23 Jun 2017 01:35:45 GMT]
Server: [ECS (lga/1361)]
X-Cache: [HIT]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate expires before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.omniroot.com/baltimoreroot (POST)Revoked

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.omniroot.com/baltimoreroot (POST)
Size: 3434 bytes (DER data)
Response time: 5.335512ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Cybertrust Validation 2015
Issued by: Baltimore CyberTrust Root
Signing certificate validity: 2015-09-09 - 2017-09-09
Signing certificate algorithm: SHA1-RSA
Reported statuses: 20
This update:
Next update:
Produced at:
Status: Revoked

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: ECS (lga/137D)
Cache Information: HIT

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEUwQzBBMD8wPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1Z
MIJHWMys+ghUNoZ7OrUETfACBAcnpmE=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIINZgoBAKCCDV8wgg1bBgkrBgEFBQcwAQEEgg1MMIINSDCCCJ+iFgQUYDu7bOx1
Wh6ta6BG5gRefEHPVGIYDzIwMTcwNjI1MTk1NTQ1WjCCCHIwdjA9MAkGBSsOAwIa
BQAEFMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIE
ByemXqERGA8yMDE0MDQwOTE1NTYzOFoYDzIwMTcwNjIwMTU1NTUyWqARGA8yMDE3
MDkxNTE1NTU1MlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVnssF26ib+dgHjlI9QT
BBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemX4AAGA8yMDE3MDYyMDE1NTU1Mlqg
ERgPMjAxNzA5MTUxNTU1NTJaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/
nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmCAABgPMjAxNzA2MjAx
NTU1NTJaoBEYDzIwMTcwOTE1MTU1NTUyWjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0V
WeywXbqJv52AeOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZhgAAYDzIw
MTcwNjIwMTU1NTUyWqARGA8yMDE3MDkxNTE1NTU1MlowZTA9MAkGBSsOAwIaBQAE
FMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByem
YoAAGA8yMDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5MTUxNTU1NTJaMGUwPTAJBgUr
DgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUE
TfACBAcnpmOAABgPMjAxNzA2MjAxNTU1NTJaoBEYDzIwMTcwOTE1MTU1NTUyWjBl
MD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJv52AeOUj1BMEFOWdWTCCR1jMrPoI
VDaGezq1BE3wAgQHJ6ZkgAAYDzIwMTcwNjIwMTU1NTUyWqARGA8yMDE3MDkxNTE1
NTU1MlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVnssF26ib+dgHjlI9QTBBTlnVkw
gkdYzKz6CFQ2hns6tQRN8AIEByemZYAAGA8yMDE3MDYyMDE1NTU1MlqgERgPMjAx
NzA5MTUxNTU1NTJaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPU
EwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmaAABgPMjAxNzA2MjAxNTU1NTJa
oBEYDzIwMTcwOTE1MTU1NTUyWjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJ
v52AeOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZngAAYDzIwMTcwNjIw
MTU1NTUyWqARGA8yMDE3MDkxNTE1NTU1MlowZTA9MAkGBSsOAwIaBQAEFMEvRXbt
FVnssF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemaIAAGA8y
MDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5MTUxNTU1NTJaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pmmhERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5
MTUxNTU1NTJaMHYwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmqhERgPMjAxNjA2MDgyMTUzMzRaGA8y
MDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5MTUxNTU1NTJaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pmuhERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5
MTUxNTU1NTJaMHYwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpmyhERgPMjAxNjExMDQyMTEwMjZaGA8y
MDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5MTUxNTU1NTJaMHYwPTAJBgUrDgMCGgUA
BBTBL0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcn
pm2hERgPMjAxNjA2MDgyMTUzMzRaGA8yMDE3MDYyMDE1NTU1MlqgERgPMjAxNzA5
MTUxNTU1NTJaMGUwPTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom/nYB45SPUEwQU
5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpm6AABgPMjAxNzA2MjAxNTU1NTJaoBEY
DzIwMTcwOTE1MTU1NTUyWjBlMD0wCQYFKw4DAhoFAAQUwS9Fdu0VWeywXbqJv52A
eOUj1BMEFOWdWTCCR1jMrPoIVDaGezq1BE3wAgQHJ6ZvgAAYDzIwMTcwNjIwMTU1
NTUyWqARGA8yMDE3MDkxNTE1NTU1MlowZTA9MAkGBSsOAwIaBQAEFMEvRXbtFVns
sF26ib+dgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByemcIAAGA8yMDE3
MDYyMDE1NTU1MlqgERgPMjAxNzA5MTUxNTU1NTJaMGUwPTAJBgUrDgMCGgUABBTB
L0V27RVZ7LBduom/nYB45SPUEwQU5Z1ZMIJHWMys+ghUNoZ7OrUETfACBAcnpnGA
ABgPMjAxNzA2MjAxNTU1NTJaoBEYDzIwMTcwOTE1MTU1NTUyWjANBgkqhkiG9w0B
AQUFAAOCAQEAJrX2bg56MQuSvtYzo7T0PNG9lHTw8PYM9q43LPXbegSfkCnu6chO
q1ovpVeLIXs1GTQjs178lI7+2vLRfc3Qjx6UuDVvmKnxHeMC5tFDYHjDl8qYpUm1
rtfjWE6pLOOPhxx26LmlYoskWrXzJxI5gM/8WMKx2pOo5k0sWvX/+HB/GuvZEoOp
V677jzoOgpe7Mo1KylX+R0Wp9O/WwLVyDtSsEilN2T5HT0HXm0u9OOUl8UR5ZqEM
ELY1fMPHiJm6gKNUHlg7Hb6T4xpZjl+jpobm+XhmeIL+zdNxHi5xCpXprwih0kc1
NHDziDnZwbLPEG0/B+hXb80Sg8eEgUGiZqCCA40wggOJMIIDhTCCAm2gAwIBAgIE
ByfTTDANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFs
dGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUg
Q3liZXJUcnVzdCBSb290MB4XDTE1MDkwOTE3NDYwM1oXDTE3MDkwOTE3NDUzNlow
JTEjMCEGA1UEAxMaQ3liZXJ0cnVzdCBWYWxpZGF0aW9uIDIwMTUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUPwX7srkoRmK/GLKvR5MFtSCSEj3AxShM
xOZ3S9bBsjA07JRJhO670on3Q3+7BjGJWhKF+YWiDFUVJGL1ZtAfUGGT0AaZvVMb
i7Yj2alCpO6k+vn35KuzXlTMHUlQOAG/14mLgY0SlBFoOEdN3JwqtzTPTVCptr33
L0Q0bgI9WlRlSINCPWtPVMB2HAEyQEbSMkzLi0G0p4B5brg02fAX6w6uZlCnzP9M
oxT3Muh40Oj/ySTAvUBAoOWot3EyGKvGVWJ5ymUOBY4e7O5EDNSiF2xmhoyFQ7UZ
4n9aUH1P4tDAENvjN4Lvu21NCOJjo2e852qDXOw+4U8YneflR99BAgMBAAGjgYcw
gYQwDwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIH
gDATBgNVHSUEDDAKBggrBgEFBQcDCTAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2
hns6tQRN8DAdBgNVHQ4EFgQUYDu7bOx1Wh6ta6BG5gRefEHPVGIwDQYJKoZIhvcN
AQEFBQADggEBAHxd07D/YGvcbvnKj5X0no6nMM1BDVCzw048K/FfPikXw3lTvwFS
Vj8Wr7xVmML84JM0QlGspBLKTIBCQUTxYM9XSWR/C//rKhLNsTtagU2JidhLC/BT
kmzRZpFxvcGkuD4MYvDbZGz+Ly6n+cJIPLpGOYz5lPvIVpg0FMKd+k8Z7zWEpN3L
uy3swPVXlYDZgzTILNZrpc2vWQtSDw29BoHwBN+gnloX4ilqvXLrBcO+Blapcw5F
UWzxPG5IT+j9DNu6ltgDpUNJL01703KgyawUM7DS8H0UboAqgTydDfb/DhXDs2de
xEKelh5Qv1gXsOqXC7hkRbAIkQMC1xsrfbE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDhTCCAm2gAwIBAgIEByfTTDANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE1MDkwOTE3NDYwM1oX
DTE3MDkwOTE3NDUzNlowJTEjMCEGA1UEAxMaQ3liZXJ0cnVzdCBWYWxpZGF0aW9u
IDIwMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUPwX7srkoRmK/
GLKvR5MFtSCSEj3AxShMxOZ3S9bBsjA07JRJhO670on3Q3+7BjGJWhKF+YWiDFUV
JGL1ZtAfUGGT0AaZvVMbi7Yj2alCpO6k+vn35KuzXlTMHUlQOAG/14mLgY0SlBFo
OEdN3JwqtzTPTVCptr33L0Q0bgI9WlRlSINCPWtPVMB2HAEyQEbSMkzLi0G0p4B5
brg02fAX6w6uZlCnzP9MoxT3Muh40Oj/ySTAvUBAoOWot3EyGKvGVWJ5ymUOBY4e
7O5EDNSiF2xmhoyFQ7UZ4n9aUH1P4tDAENvjN4Lvu21NCOJjo2e852qDXOw+4U8Y
neflR99BAgMBAAGjgYcwgYQwDwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAA
MA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAfBgNVHSMEGDAW
gBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAdBgNVHQ4EFgQUYDu7bOx1Wh6ta6BG5gRe
fEHPVGIwDQYJKoZIhvcNAQEFBQADggEBAHxd07D/YGvcbvnKj5X0no6nMM1BDVCz
w048K/FfPikXw3lTvwFSVj8Wr7xVmML84JM0QlGspBLKTIBCQUTxYM9XSWR/C//r
KhLNsTtagU2JidhLC/BTkmzRZpFxvcGkuD4MYvDbZGz+Ly6n+cJIPLpGOYz5lPvI
Vpg0FMKd+k8Z7zWEpN3Luy3swPVXlYDZgzTILNZrpc2vWQtSDw29BoHwBN+gnloX
4ilqvXLrBcO+Blapcw5FUWzxPG5IT+j9DNu6ltgDpUNJL01703KgyawUM7DS8H0U
boAqgTydDfb/DhXDs2dexEKelh5Qv1gXsOqXC7hkRbAIkQMC1xsrfbE=
-----END CERTIFICATE-----

Raw OCSP response headers

Accept-Ranges: [bytes]
Content-Length: [3434]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 22:48:00 GMT]
Last-Modified: [Sun, 25 Jun 2017 20:20:13 GMT]
Server: [ECS (lga/137D)]
X-Cache: [HIT]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate expires before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Baltimore CyberTrust Root (CA Certificate)

Certificate details for Baltimore CyberTrust Root (At position 2 in certificate chain)
Serial number:
hex: 20000b9
int: 33554617
Issued by: Baltimore CyberTrust Root
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Baltimore
Organization unit: CyberTrust
Country: IE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.