CRL & OCSP report for *.eboi.pl

*.eboi.pl

Certificate details for *.eboi.pl (At position 0 in certificate chain)
Serial number:
hex: 5d87d3e54078e11516650cd719239bcc
int: 124323461435528138827272256678988585932
Issued by: Certum Domain Validation CA SHA2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Country: PL
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for *.eboi.pl.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.certum.pl/dvcasha2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.certum.pl/dvcasha2.crl
Size: 81093 bytes (DER data)
Response time: 1.044991773s
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1630

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: nginx

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Length: [81093]
Content-Type: [application/x-pkcs7-crl]
Date: [Thu, 25 May 2017 10:35:39 GMT]
Etag: ["30024-13cc5-766085c0"]
Last-Modified: [Thu, 25 May 2017 10:12:47 GMT]
Server: [nginx]
X-Cached: [HIT]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://dvcasha2.ocsp-certum.com (GET)Unknown

OCSP response information

Source: Authority Information Access in Certificate
Location: http://dvcasha2.ocsp-certum.com (GET)
Size: 1618 bytes (DER data)
Response time: 533.068695ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: Certum Domain Validation CA SHA2 Validation Service
Issued by: Certum Domain Validation CA SHA2
Signing certificate validity: 2017-03-23 - 2018-03-23
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Unknown

Relevant server response headers

Date:

Server and network information

Server Software: NetDNA-cache/2.2
Cache Information: MISS

URL used for GET request

http://dvcasha2.ocsp-certum.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTNcCPjJ499lHmfPUvPsRjzr1YchwQU5TGtvzoRlvSDvFA81LeQm5Du3iUCEF2H0%2BVAeOEVFmUM1xkjm8w%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBTNcCPjJ499lHmfPUvPsRjzr1YchwQU5TGt
vzoRlvSDvFA81LeQm5Du3iUCEF2H0+VAeOEVFmUM1xkjm8w=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGTgoBAKCCBkcwggZDBgkrBgEFBQcwAQEEggY0MIIGMDCCAQigAwIBAKFwMG4x
CzAJBgNVBAYTAlBMMSEwHwYDVQQKDBhBc3NlY28gRGF0YSBTeXN0ZW1zIFMuQS4x
PDA6BgNVBAMMM0NlcnR1bSBEb21haW4gVmFsaWRhdGlvbiBDQSBTSEEyIFZhbGlk
YXRpb24gU2VydmljZRgPMjAxNzA1MjUxMDM1MzlaMF4wXDBHMAcGBSsOAwIaBBTN
cCPjJ499lHmfPUvPsRjzr1YchwQU5TGtvzoRlvSDvFA81LeQm5Du3iUCEF2H0+VA
eOEVFmUM1xkjm8yCABgPMjAxNzA1MjUxMDM1MzlaoR4wHDAaBgkrBgEFBQcwAQQE
DTALBgkrBgEFBQcwAQEwCwYJKoZIhvcNAQELA4IBAQBIejotiYCo+zjQh4XuH0sq
mpBSZAki7haShpUGhVzMfUmhK3GlUl53mlOO9EDjLjoNPOIRDcdT5LjcJrfqgNqh
5GECsiaFSrZvSLYtXeGJEg1kn5dzbP+1914SoP+OFqdmacTUCSkeiAC1ZcN+1cmv
abaxsi4AQeZDALh+OgqiX5Wwt4pkp6N/syQoUw877aiMaKg741MmbezYQmZ1YqIz
8lMZ6uNBqc6e4DB4IcIwPBWthJ984zgyFnVQIxYQA9+i72bc3zUlja7G4uIWlATY
GN9rOF7cHLZvAiJxJsDjU3U+BSUCQVuFq/SoYl5Xk+5b4WGST0dTV/6t/3zlRADO
oIIEDjCCBAowggQGMIIC7qADAgECAhBTZKc0tHmG0nD4jSydoRqyMA0GCSqGSIb3
DQEBCwUAMIGFMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9s
b2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9y
aXR5MSkwJwYDVQQDEyBDZXJ0dW0gRG9tYWluIFZhbGlkYXRpb24gQ0EgU0hBMjAe
Fw0xNzAzMjMwODIzMjFaFw0xODAzMjMwODIzMjFaMG4xCzAJBgNVBAYTAlBMMSEw
HwYDVQQKDBhBc3NlY28gRGF0YSBTeXN0ZW1zIFMuQS4xPDA6BgNVBAMMM0NlcnR1
bSBEb21haW4gVmFsaWRhdGlvbiBDQSBTSEEyIFZhbGlkYXRpb24gU2VydmljZTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMavjfO0vQXOp+eRvWWx1q9T
vwVUzpiU49G4Tna3K8zyp0q9ACIrZMyAEKZRRlAYdmmsu01OnYsKED1hQioeDnpZ
9sgeCg7AoEhRwVrWtL/1Z8podRscYDcm/CwaiPxVKowrkU/95JJoGH2a8IN7vCRz
dsnrJlV/ekiw7gP9rf/8gQs14B+LiZEwxSpj7P7d66yF3/PpzZkEq5w9YNkqyGpZ
QzPCdf0ztI7tLfQfAwqTahO4JVnnXAizkPi6KvjNAcM65RsBHnTEoiFYJU8eEDjG
MkF9DgtcoZZuP+yNsdzv3thXbrzHSptXYk2YN6owL8O8woLxtDS0N56xX1NQNWcC
AwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFOUxrb86EZb0g7xQ
PNS3kJuQ7t4lMB0GA1UdDgQWBBT+XEPpKgYd2MmrFGdH/jQJL6AAJTAOBgNVHQ8B
Af8EBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYBBQUHMAEFBAIFADAN
BgkqhkiG9w0BAQsFAAOCAQEAR6aKYFN+57Y21Dycq4ydi0pCQ9vgdi20U1gNYBQp
glhxszYzD7+UD1ZN4B63Ro5j8Vh201KzMkOiCMs+BViaaIGeFWj3T0ZktbnrXVt+
4JDhS4otL+UpF2fWxEzMke67OUElY/fEiNqqRwItHq1aKV80jXd4yflee7T7boI2
bMYP8C6nO+uoY7Zkks4QOLRQR6FsCr8mKZLP7f4Z9bZyKA1bnLS68CdfIed1TjwX
GJL7Ir/4mx0nILP0bQeHB3nRil2t28ovAYUoCqL89vpZcZKLgoQdzMIbjgjuNcpS
9uki+gOBLoR+vLNg5mTI0ckltclufhSGbV+o9EZp1CCgLQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEBjCCAu6gAwIBAgIQU2SnNLR5htJw+I0snaEasjANBgkqhkiG9w0BAQsFADCB
hTELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEpMCcG
A1UEAxMgQ2VydHVtIERvbWFpbiBWYWxpZGF0aW9uIENBIFNIQTIwHhcNMTcwMzIz
MDgyMzIxWhcNMTgwMzIzMDgyMzIxWjBuMQswCQYDVQQGEwJQTDEhMB8GA1UECgwY
QXNzZWNvIERhdGEgU3lzdGVtcyBTLkEuMTwwOgYDVQQDDDNDZXJ0dW0gRG9tYWlu
IFZhbGlkYXRpb24gQ0EgU0hBMiBWYWxpZGF0aW9uIFNlcnZpY2UwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGr43ztL0Fzqfnkb1lsdavU78FVM6YlOPR
uE52tyvM8qdKvQAiK2TMgBCmUUZQGHZprLtNTp2LChA9YUIqHg56WfbIHgoOwKBI
UcFa1rS/9WfKaHUbHGA3JvwsGoj8VSqMK5FP/eSSaBh9mvCDe7wkc3bJ6yZVf3pI
sO4D/a3//IELNeAfi4mRMMUqY+z+3eushd/z6c2ZBKucPWDZKshqWUMzwnX9M7SO
7S30HwMKk2oTuCVZ51wIs5D4uir4zQHDOuUbAR50xKIhWCVPHhA4xjJBfQ4LXKGW
bj/sjbHc797YV268x0qbV2JNmDeqMC/DvMKC8bQ0tDeesV9TUDVnAgMBAAGjgYcw
gYQwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBTlMa2/OhGW9IO8UDzUt5CbkO7e
JTAdBgNVHQ4EFgQU/lxD6SoGHdjJqxRnR/40CS+gACUwDgYDVR0PAQH/BAQDAgbA
MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcN
AQELBQADggEBAEemimBTfue2NtQ8nKuMnYtKQkPb4HYttFNYDWAUKYJYcbM2Mw+/
lA9WTeAet0aOY/FYdtNSszJDogjLPgVYmmiBnhVo909GZLW5611bfuCQ4UuKLS/l
KRdn1sRMzJHuuzlBJWP3xIjaqkcCLR6tWilfNI13eMn5Xnu0+26CNmzGD/Aupzvr
qGO2ZJLOEDi0UEehbAq/JimSz+3+GfW2cigNW5y0uvAnXyHndU48FxiS+yK/+Jsd
JyCz9G0Hhwd50YpdrdvKLwGFKAqi/Pb6WXGSi4KEHczCG44I7jXKUvbpIvoDgS6E
fryzYOZkyNHJJbXJbn4Uhm1fqPRGadQgoC0=
-----END CERTIFICATE-----

Raw OCSP response headers

Content-Length: [1618]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Thu, 25 May 2017 10:35:40 GMT]
Server: [NetDNA-cache/2.2]
X-Cache: [MISS]
X-Cached: [MISS]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response must be valid for at least 8 hours (Microsoft)
  • OCSP response must be available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://dvcasha2.ocsp-certum.com (POST)Unknown

OCSP response information

Source: Authority Information Access in Certificate
Location: http://dvcasha2.ocsp-certum.com (POST)
Size: 1618 bytes (DER data)
Response time: 617.989348ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: Certum Domain Validation CA SHA2 Validation Service
Issued by: Certum Domain Validation CA SHA2
Signing certificate validity: 2017-03-23 - 2018-03-23
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Unknown

Relevant server response headers

Date:

Server and network information

Server Software: NetDNA-cache/2.2
Cache Information: MISS

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBTNcCPjJ499lHmfPUvPsRjzr1YchwQU5TGt
vzoRlvSDvFA81LeQm5Du3iUCEF2H0+VAeOEVFmUM1xkjm8w=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGTgoBAKCCBkcwggZDBgkrBgEFBQcwAQEEggY0MIIGMDCCAQigAwIBAKFwMG4x
CzAJBgNVBAYTAlBMMSEwHwYDVQQKDBhBc3NlY28gRGF0YSBTeXN0ZW1zIFMuQS4x
PDA6BgNVBAMMM0NlcnR1bSBEb21haW4gVmFsaWRhdGlvbiBDQSBTSEEyIFZhbGlk
YXRpb24gU2VydmljZRgPMjAxNzA1MjUxMDM1MzlaMF4wXDBHMAcGBSsOAwIaBBTN
cCPjJ499lHmfPUvPsRjzr1YchwQU5TGtvzoRlvSDvFA81LeQm5Du3iUCEF2H0+VA
eOEVFmUM1xkjm8yCABgPMjAxNzA1MjUxMDM1MzlaoR4wHDAaBgkrBgEFBQcwAQQE
DTALBgkrBgEFBQcwAQEwCwYJKoZIhvcNAQELA4IBAQBIejotiYCo+zjQh4XuH0sq
mpBSZAki7haShpUGhVzMfUmhK3GlUl53mlOO9EDjLjoNPOIRDcdT5LjcJrfqgNqh
5GECsiaFSrZvSLYtXeGJEg1kn5dzbP+1914SoP+OFqdmacTUCSkeiAC1ZcN+1cmv
abaxsi4AQeZDALh+OgqiX5Wwt4pkp6N/syQoUw877aiMaKg741MmbezYQmZ1YqIz
8lMZ6uNBqc6e4DB4IcIwPBWthJ984zgyFnVQIxYQA9+i72bc3zUlja7G4uIWlATY
GN9rOF7cHLZvAiJxJsDjU3U+BSUCQVuFq/SoYl5Xk+5b4WGST0dTV/6t/3zlRADO
oIIEDjCCBAowggQGMIIC7qADAgECAhBTZKc0tHmG0nD4jSydoRqyMA0GCSqGSIb3
DQEBCwUAMIGFMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9s
b2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9y
aXR5MSkwJwYDVQQDEyBDZXJ0dW0gRG9tYWluIFZhbGlkYXRpb24gQ0EgU0hBMjAe
Fw0xNzAzMjMwODIzMjFaFw0xODAzMjMwODIzMjFaMG4xCzAJBgNVBAYTAlBMMSEw
HwYDVQQKDBhBc3NlY28gRGF0YSBTeXN0ZW1zIFMuQS4xPDA6BgNVBAMMM0NlcnR1
bSBEb21haW4gVmFsaWRhdGlvbiBDQSBTSEEyIFZhbGlkYXRpb24gU2VydmljZTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMavjfO0vQXOp+eRvWWx1q9T
vwVUzpiU49G4Tna3K8zyp0q9ACIrZMyAEKZRRlAYdmmsu01OnYsKED1hQioeDnpZ
9sgeCg7AoEhRwVrWtL/1Z8podRscYDcm/CwaiPxVKowrkU/95JJoGH2a8IN7vCRz
dsnrJlV/ekiw7gP9rf/8gQs14B+LiZEwxSpj7P7d66yF3/PpzZkEq5w9YNkqyGpZ
QzPCdf0ztI7tLfQfAwqTahO4JVnnXAizkPi6KvjNAcM65RsBHnTEoiFYJU8eEDjG
MkF9DgtcoZZuP+yNsdzv3thXbrzHSptXYk2YN6owL8O8woLxtDS0N56xX1NQNWcC
AwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFOUxrb86EZb0g7xQ
PNS3kJuQ7t4lMB0GA1UdDgQWBBT+XEPpKgYd2MmrFGdH/jQJL6AAJTAOBgNVHQ8B
Af8EBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYBBQUHMAEFBAIFADAN
BgkqhkiG9w0BAQsFAAOCAQEAR6aKYFN+57Y21Dycq4ydi0pCQ9vgdi20U1gNYBQp
glhxszYzD7+UD1ZN4B63Ro5j8Vh201KzMkOiCMs+BViaaIGeFWj3T0ZktbnrXVt+
4JDhS4otL+UpF2fWxEzMke67OUElY/fEiNqqRwItHq1aKV80jXd4yflee7T7boI2
bMYP8C6nO+uoY7Zkks4QOLRQR6FsCr8mKZLP7f4Z9bZyKA1bnLS68CdfIed1TjwX
GJL7Ir/4mx0nILP0bQeHB3nRil2t28ovAYUoCqL89vpZcZKLgoQdzMIbjgjuNcpS
9uki+gOBLoR+vLNg5mTI0ckltclufhSGbV+o9EZp1CCgLQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEBjCCAu6gAwIBAgIQU2SnNLR5htJw+I0snaEasjANBgkqhkiG9w0BAQsFADCB
hTELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEpMCcG
A1UEAxMgQ2VydHVtIERvbWFpbiBWYWxpZGF0aW9uIENBIFNIQTIwHhcNMTcwMzIz
MDgyMzIxWhcNMTgwMzIzMDgyMzIxWjBuMQswCQYDVQQGEwJQTDEhMB8GA1UECgwY
QXNzZWNvIERhdGEgU3lzdGVtcyBTLkEuMTwwOgYDVQQDDDNDZXJ0dW0gRG9tYWlu
IFZhbGlkYXRpb24gQ0EgU0hBMiBWYWxpZGF0aW9uIFNlcnZpY2UwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGr43ztL0Fzqfnkb1lsdavU78FVM6YlOPR
uE52tyvM8qdKvQAiK2TMgBCmUUZQGHZprLtNTp2LChA9YUIqHg56WfbIHgoOwKBI
UcFa1rS/9WfKaHUbHGA3JvwsGoj8VSqMK5FP/eSSaBh9mvCDe7wkc3bJ6yZVf3pI
sO4D/a3//IELNeAfi4mRMMUqY+z+3eushd/z6c2ZBKucPWDZKshqWUMzwnX9M7SO
7S30HwMKk2oTuCVZ51wIs5D4uir4zQHDOuUbAR50xKIhWCVPHhA4xjJBfQ4LXKGW
bj/sjbHc797YV268x0qbV2JNmDeqMC/DvMKC8bQ0tDeesV9TUDVnAgMBAAGjgYcw
gYQwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBTlMa2/OhGW9IO8UDzUt5CbkO7e
JTAdBgNVHQ4EFgQU/lxD6SoGHdjJqxRnR/40CS+gACUwDgYDVR0PAQH/BAQDAgbA
MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcN
AQELBQADggEBAEemimBTfue2NtQ8nKuMnYtKQkPb4HYttFNYDWAUKYJYcbM2Mw+/
lA9WTeAet0aOY/FYdtNSszJDogjLPgVYmmiBnhVo909GZLW5611bfuCQ4UuKLS/l
KRdn1sRMzJHuuzlBJWP3xIjaqkcCLR6tWilfNI13eMn5Xnu0+26CNmzGD/Aupzvr
qGO2ZJLOEDi0UEehbAq/JimSz+3+GfW2cigNW5y0uvAnXyHndU48FxiS+yK/+Jsd
JyCz9G0Hhwd50YpdrdvKLwGFKAqi/Pb6WXGSi4KEHczCG44I7jXKUvbpIvoDgS6E
fryzYOZkyNHJJbXJbn4Uhm1fqPRGadQgoC0=
-----END CERTIFICATE-----

Raw OCSP response headers

Content-Length: [1618]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Thu, 25 May 2017 10:35:40 GMT]
Server: [NetDNA-cache/2.2]
X-Cache: [MISS]
X-Cached: [MISS]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response must be valid for at least 8 hours (Microsoft)
  • OCSP response must be available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)

Certum Domain Validation CA SHA2 (CA Certificate)

Certificate details for Certum Domain Validation CA SHA2 (At position 1 in certificate chain)
Serial number:
hex: 26ddd22b46c9c44d5a694d39807e72ad
int: 51662424180298626828386908070851015341
Issued by: Certum Trusted Network CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Unizeto Technologies S.A.
Organization unit: Certum Certification Authority
Country: PL
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.certum.pl/ctnca.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.certum.pl/ctnca.crl
Size: 456 bytes (DER data)
Response time: 280.392873ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 0

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: nginx

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Length: [456]
Content-Type: [application/x-pkcs7-crl]
Date: [Thu, 25 May 2017 10:35:39 GMT]
Etag: ["30009-1c8-30e73480"]
Last-Modified: [Thu, 18 May 2017 10:51:46 GMT]
Server: [nginx]
X-Cached: [HIT]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://subca.ocsp-certum.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://subca.ocsp-certum.com (GET)
Size: 1701 bytes (DER data)
Response time: 83.812399ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: Certum Trusted Network CA Validation Service
Issued by: Certum Trusted Network CA
Signing certificate validity: 2016-12-20 - 2018-01-20
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:

Server and network information

Server Software: NetDNA-cache/2.2
Cache Information: HIT

URL used for GET request

http://subca.ocsp-certum.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTYOkzrrCGQj08njZXbUQQpkoUmuQQUCHbNywf%2FJPbFze27kLzihDdGdfcCECbd0itGycRNWmlNOYB%2Bcq0%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBTYOkzrrCGQj08njZXbUQQpkoUmuQQUCHbN
ywf/JPbFze27kLzihDdGdfcCECbd0itGycRNWmlNOYB+cq0=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGoQoBAKCCBpowggaWBgkrBgEFBQcwAQEEggaHMIIGgzCCAT+gAwIBAKGBkzCB
kDELMAkGA1UEBhMCUEwxITAfBgNVBAoMGEFzc2VjbyBEYXRhIFN5c3RlbXMgUy5B
LjEnMCUGA1UECwweQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTUwMwYD
VQQDDCxDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBIFZhbGlkYXRpb24gU2Vydmlj
ZRgPMjAxNzA1MjUxMDIxNDJaMHEwbzBHMAcGBSsOAwIaBBTYOkzrrCGQj08njZXb
UQQpkoUmuQQUCHbNywf/JPbFze27kLzihDdGdfcCECbd0itGycRNWmlNOYB+cq2A
ABgPMjAxNzA1MjUxMDIxNDJaoBEYDzIwMTcwNjAxMTAyMTQyWqEeMBwwGgYJKwYB
BQUHMAEEBA0wCwYJKwYBBQUHMAEBMAsGCSqGSIb3DQEBCwOCAQEAidXxDP3NNSaK
HzEaCL93OqHNX4ZkYX+QYxFn7Qtuilby2XjQFXrGQ/pssnoTgcG6YbYv21F1ZjN7
BO4LIp30G6wnSfnkg14o5dkRNwQm7UGCUikAPG1Y/DhmJKYQEcW9iS3QpDuZZl1P
PO+drB47DhhqxSy+WziWpJskXI2wcFkSEyoapCYznXOeMpBIH2ATLBj7h+CbzY4m
4WPC3eJtzWJDWQQ9tH+3kFJrZCmqaSw6/+nfsziYb86d0lZUPkwDHid9Sbl3nTTI
woKWDKB4A2mzzGDMFRq6ywmKrtyjM5/56rMLLcpGPZP5GJoOfRs+RKdinJ8CuQtc
XMEEKFh40qCCBCowggQmMIIEIjCCAwqgAwIBAgIRAIKBoc2MXU5zczHgQoeHFi8w
DQYJKoZIhvcNAQELBQAwfjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8g
VGVjaG5vbG9naWVzIFMuQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9u
IEF1dGhvcml0eTEiMCAGA1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAe
Fw0xNjEyMjAxMDIzMTdaFw0xODAxMjAxMDIzMTdaMIGQMQswCQYDVQQGEwJQTDEh
MB8GA1UECgwYQXNzZWNvIERhdGEgU3lzdGVtcyBTLkEuMScwJQYDVQQLDB5DZXJ0
dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxNTAzBgNVBAMMLENlcnR1bSBUcnVz
dGVkIE5ldHdvcmsgQ0EgVmFsaWRhdGlvbiBTZXJ2aWNlMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAwtVBQgCH+0nu1+useh3wI1UG/LWd28hvRM9MDfiL
G5NVWOfM8LBq45EWF7pTk0sPnROC5/Mi3D53jTvQcjgcGtzTQ93VrFpjxw6eVbh9
JRm77RnDQEZmHgxgAyamaohgvpDum9Ye6WNp00lviAXBmAMX2b9wV/uvGJnX67C6
qIS+I9tz6xeJmPr005b57/4EdFJAy9j9Tr2+8MaVvYRM5eD/nVUMg3T9PnN1DKSG
T3lItUXSifV21oj7chBdriJto9k37ZPOliu1Dbb0QBKLpfXJPvBYp8UWkLrkTbdQ
QBGsrqONF8kvF/fpu+WZiGvU2rRPC4rbq0B2N4Jk5I+f8QIDAQABo4GHMIGEMAwG
A1UdEwEB/wQCMAAwHQYDVR0OBBYEFOihAvBMd8WKbOeMbvaubqIe9X74MB8GA1Ud
IwQYMBaAFAh2zcsH/yT2xc3tu5C84oQ3RnX3MA4GA1UdDwEB/wQEAwIGwDATBgNV
HSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMA0GCSqGSIb3DQEBCwUA
A4IBAQCgyyn8boj1vuysmywJr8j9mwWjkV2bKdxJg/nIdC2KnJIbxy4PSqAFjpHg
B7wFf17UH5ZNsJDdKNu06UQ6vZUn/qRskSM2Q2+4yBLmquXGbGW2nWdjxslLM1/i
IkDC69MQPzFLLuQq4sMg5OdLMTnO/Uykiw7YV3ZcjIiA+lbFswfjR+GYISIInxe9
mYgBcwmvwlgoE+nWcwkXpb6XBz9Q647djU7zMxcFsiUBAvP3rdGd6Cf/wHdVnDjp
Gstnwzpu2Wg2JP1BzI4bhco62LUvWDIA+QtuLcB7zb/hwOP4J/sXTv1No+7aBPss
5LvaUdmdi0tHi5l2/fv3CSVzHeWo
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEIjCCAwqgAwIBAgIRAIKBoc2MXU5zczHgQoeHFi8wDQYJKoZIhvcNAQELBQAw
fjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEiMCAG
A1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAeFw0xNjEyMjAxMDIzMTda
Fw0xODAxMjAxMDIzMTdaMIGQMQswCQYDVQQGEwJQTDEhMB8GA1UECgwYQXNzZWNv
IERhdGEgU3lzdGVtcyBTLkEuMScwJQYDVQQLDB5DZXJ0dW0gQ2VydGlmaWNhdGlv
biBBdXRob3JpdHkxNTAzBgNVBAMMLENlcnR1bSBUcnVzdGVkIE5ldHdvcmsgQ0Eg
VmFsaWRhdGlvbiBTZXJ2aWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwtVBQgCH+0nu1+useh3wI1UG/LWd28hvRM9MDfiLG5NVWOfM8LBq45EWF7pT
k0sPnROC5/Mi3D53jTvQcjgcGtzTQ93VrFpjxw6eVbh9JRm77RnDQEZmHgxgAyam
aohgvpDum9Ye6WNp00lviAXBmAMX2b9wV/uvGJnX67C6qIS+I9tz6xeJmPr005b5
7/4EdFJAy9j9Tr2+8MaVvYRM5eD/nVUMg3T9PnN1DKSGT3lItUXSifV21oj7chBd
riJto9k37ZPOliu1Dbb0QBKLpfXJPvBYp8UWkLrkTbdQQBGsrqONF8kvF/fpu+WZ
iGvU2rRPC4rbq0B2N4Jk5I+f8QIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFOihAvBMd8WKbOeMbvaubqIe9X74MB8GA1UdIwQYMBaAFAh2zcsH/yT2
xc3tu5C84oQ3RnX3MA4GA1UdDwEB/wQEAwIGwDATBgNVHSUEDDAKBggrBgEFBQcD
CTAPBgkrBgEFBQcwAQUEAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCgyyn8boj1vuys
mywJr8j9mwWjkV2bKdxJg/nIdC2KnJIbxy4PSqAFjpHgB7wFf17UH5ZNsJDdKNu0
6UQ6vZUn/qRskSM2Q2+4yBLmquXGbGW2nWdjxslLM1/iIkDC69MQPzFLLuQq4sMg
5OdLMTnO/Uykiw7YV3ZcjIiA+lbFswfjR+GYISIInxe9mYgBcwmvwlgoE+nWcwkX
pb6XBz9Q647djU7zMxcFsiUBAvP3rdGd6Cf/wHdVnDjpGstnwzpu2Wg2JP1BzI4b
hco62LUvWDIA+QtuLcB7zb/hwOP4J/sXTv1No+7aBPss5LvaUdmdi0tHi5l2/fv3
CSVzHeWo
-----END CERTIFICATE-----

Raw OCSP response headers

Content-Length: [1701]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Thu, 25 May 2017 10:35:39 GMT]
Server: [NetDNA-cache/2.2]
X-Cache: [HIT]
X-Cached: [MISS]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://subca.ocsp-certum.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://subca.ocsp-certum.com (POST)
Size: 1701 bytes (DER data)
Response time: 83.224507ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: Certum Trusted Network CA Validation Service
Issued by: Certum Trusted Network CA
Signing certificate validity: 2016-12-20 - 2018-01-20
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:

Server and network information

Server Software: NetDNA-cache/2.2
Cache Information: HIT

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBTYOkzrrCGQj08njZXbUQQpkoUmuQQUCHbN
ywf/JPbFze27kLzihDdGdfcCECbd0itGycRNWmlNOYB+cq0=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGoQoBAKCCBpowggaWBgkrBgEFBQcwAQEEggaHMIIGgzCCAT+gAwIBAKGBkzCB
kDELMAkGA1UEBhMCUEwxITAfBgNVBAoMGEFzc2VjbyBEYXRhIFN5c3RlbXMgUy5B
LjEnMCUGA1UECwweQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTUwMwYD
VQQDDCxDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBIFZhbGlkYXRpb24gU2Vydmlj
ZRgPMjAxNzA1MjUxMDIwMTFaMHEwbzBHMAcGBSsOAwIaBBTYOkzrrCGQj08njZXb
UQQpkoUmuQQUCHbNywf/JPbFze27kLzihDdGdfcCECbd0itGycRNWmlNOYB+cq2A
ABgPMjAxNzA1MjUxMDIwMTFaoBEYDzIwMTcwNjAxMTAyMDExWqEeMBwwGgYJKwYB
BQUHMAEEBA0wCwYJKwYBBQUHMAEBMAsGCSqGSIb3DQEBCwOCAQEAU6fUbNupvmFJ
fw7qvagU2JcpvQvw9v+H4iOcMRivb7fZUMHFV1hNrLwtXbIQsK+uAFGTPIN9CR/y
xkAMQEo7ScboJlNRjDkIQj0SSCgKakiIJiirEGlV4lqoJL5OrOCfgsaIJKRInDJZ
0+tXSSZb8n60f9u63ksvH9jMtL5FSEmMdyN+yot+RoDdSXG8DKSKCYZGncwSVmds
aWji17lHmZOHIyfHRiW7fFMPBi90e9pLknNUikuNvbtc5Bkb+BXGtNnMtcL8SKxo
lwTxcGFvmusAXWyrQO9zsMUO75C8kb/utpt1ze8hrnhtgANLjGbLK508hYZhiC8r
TtZUkMaUK6CCBCowggQmMIIEIjCCAwqgAwIBAgIRAIKBoc2MXU5zczHgQoeHFi8w
DQYJKoZIhvcNAQELBQAwfjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8g
VGVjaG5vbG9naWVzIFMuQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9u
IEF1dGhvcml0eTEiMCAGA1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAe
Fw0xNjEyMjAxMDIzMTdaFw0xODAxMjAxMDIzMTdaMIGQMQswCQYDVQQGEwJQTDEh
MB8GA1UECgwYQXNzZWNvIERhdGEgU3lzdGVtcyBTLkEuMScwJQYDVQQLDB5DZXJ0
dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxNTAzBgNVBAMMLENlcnR1bSBUcnVz
dGVkIE5ldHdvcmsgQ0EgVmFsaWRhdGlvbiBTZXJ2aWNlMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAwtVBQgCH+0nu1+useh3wI1UG/LWd28hvRM9MDfiL
G5NVWOfM8LBq45EWF7pTk0sPnROC5/Mi3D53jTvQcjgcGtzTQ93VrFpjxw6eVbh9
JRm77RnDQEZmHgxgAyamaohgvpDum9Ye6WNp00lviAXBmAMX2b9wV/uvGJnX67C6
qIS+I9tz6xeJmPr005b57/4EdFJAy9j9Tr2+8MaVvYRM5eD/nVUMg3T9PnN1DKSG
T3lItUXSifV21oj7chBdriJto9k37ZPOliu1Dbb0QBKLpfXJPvBYp8UWkLrkTbdQ
QBGsrqONF8kvF/fpu+WZiGvU2rRPC4rbq0B2N4Jk5I+f8QIDAQABo4GHMIGEMAwG
A1UdEwEB/wQCMAAwHQYDVR0OBBYEFOihAvBMd8WKbOeMbvaubqIe9X74MB8GA1Ud
IwQYMBaAFAh2zcsH/yT2xc3tu5C84oQ3RnX3MA4GA1UdDwEB/wQEAwIGwDATBgNV
HSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMA0GCSqGSIb3DQEBCwUA
A4IBAQCgyyn8boj1vuysmywJr8j9mwWjkV2bKdxJg/nIdC2KnJIbxy4PSqAFjpHg
B7wFf17UH5ZNsJDdKNu06UQ6vZUn/qRskSM2Q2+4yBLmquXGbGW2nWdjxslLM1/i
IkDC69MQPzFLLuQq4sMg5OdLMTnO/Uykiw7YV3ZcjIiA+lbFswfjR+GYISIInxe9
mYgBcwmvwlgoE+nWcwkXpb6XBz9Q647djU7zMxcFsiUBAvP3rdGd6Cf/wHdVnDjp
Gstnwzpu2Wg2JP1BzI4bhco62LUvWDIA+QtuLcB7zb/hwOP4J/sXTv1No+7aBPss
5LvaUdmdi0tHi5l2/fv3CSVzHeWo
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEIjCCAwqgAwIBAgIRAIKBoc2MXU5zczHgQoeHFi8wDQYJKoZIhvcNAQELBQAw
fjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEiMCAG
A1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAeFw0xNjEyMjAxMDIzMTda
Fw0xODAxMjAxMDIzMTdaMIGQMQswCQYDVQQGEwJQTDEhMB8GA1UECgwYQXNzZWNv
IERhdGEgU3lzdGVtcyBTLkEuMScwJQYDVQQLDB5DZXJ0dW0gQ2VydGlmaWNhdGlv
biBBdXRob3JpdHkxNTAzBgNVBAMMLENlcnR1bSBUcnVzdGVkIE5ldHdvcmsgQ0Eg
VmFsaWRhdGlvbiBTZXJ2aWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwtVBQgCH+0nu1+useh3wI1UG/LWd28hvRM9MDfiLG5NVWOfM8LBq45EWF7pT
k0sPnROC5/Mi3D53jTvQcjgcGtzTQ93VrFpjxw6eVbh9JRm77RnDQEZmHgxgAyam
aohgvpDum9Ye6WNp00lviAXBmAMX2b9wV/uvGJnX67C6qIS+I9tz6xeJmPr005b5
7/4EdFJAy9j9Tr2+8MaVvYRM5eD/nVUMg3T9PnN1DKSGT3lItUXSifV21oj7chBd
riJto9k37ZPOliu1Dbb0QBKLpfXJPvBYp8UWkLrkTbdQQBGsrqONF8kvF/fpu+WZ
iGvU2rRPC4rbq0B2N4Jk5I+f8QIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFOihAvBMd8WKbOeMbvaubqIe9X74MB8GA1UdIwQYMBaAFAh2zcsH/yT2
xc3tu5C84oQ3RnX3MA4GA1UdDwEB/wQEAwIGwDATBgNVHSUEDDAKBggrBgEFBQcD
CTAPBgkrBgEFBQcwAQUEAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCgyyn8boj1vuys
mywJr8j9mwWjkV2bKdxJg/nIdC2KnJIbxy4PSqAFjpHgB7wFf17UH5ZNsJDdKNu0
6UQ6vZUn/qRskSM2Q2+4yBLmquXGbGW2nWdjxslLM1/iIkDC69MQPzFLLuQq4sMg
5OdLMTnO/Uykiw7YV3ZcjIiA+lbFswfjR+GYISIInxe9mYgBcwmvwlgoE+nWcwkX
pb6XBz9Q647djU7zMxcFsiUBAvP3rdGd6Cf/wHdVnDjpGstnwzpu2Wg2JP1BzI4b
hco62LUvWDIA+QtuLcB7zb/hwOP4J/sXTv1No+7aBPss5LvaUdmdi0tHi5l2/fv3
CSVzHeWo
-----END CERTIFICATE-----

Raw OCSP response headers

Content-Length: [1701]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Thu, 25 May 2017 10:35:39 GMT]
Server: [NetDNA-cache/2.2]
X-Cache: [HIT]
X-Cached: [HIT]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Certum Trusted Network CA (CA Certificate)

Certificate details for Certum Trusted Network CA (At position 2 in certificate chain)
Serial number:
hex: 444c0
int: 279744
Issued by: Certum Trusted Network CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Unizeto Technologies S.A.
Organization unit: Certum Certification Authority
Country: PL
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.