CRL & OCSP report for www.jvsisters.com.au

www.jvsisters.com.au

Certificate details for www.jvsisters.com.au (At position 0 in certificate chain)
Serial number:
hex: 1121b517243521299213b173eaf917c837dc
int: 1492378889372756079966756334067744162461660
Issued by: GlobalSign Domain Validation CA - SHA256 - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization unit: Domain Control Validated by OneClickSSL
Country: AU
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for www.jvsisters.com.au.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl
Size: 108411 bytes (DER data)
Response time: 13.859029ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3385

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare, CloudFront
Cache Information: HIT, Miss from cloudfront

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3647df13e4c82192-EWR]
Content-Length: [108411]
Content-Type: [application/pkix-crl]
Date: [Thu, 25 May 2017 10:39:32 GMT]
Etag: [E486]
Expires: [Wed, 31 May 2017 15:03:30 GMT]
Last-Modified: [Wed, 24 May 2017 15:03:30 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d00d6c4d97e1df8b3e1dccbb9943d63931495708772; expires=Fri, 25-May-18 10:39:32 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
Via: [1.1 9c3935366a39acd2af942625478df61e.cloudfront.net (CloudFront)]
X-Amz-Cf-Id: [aMYRzUImZyY2UYsgpzKxSlhN0GAKGN9YJ9dpSxM7Uj8xO4ich_1gQQ==]
X-Cache: [Miss from cloudfront]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp2.globalsign.com/gsdomainvalsha2g2 (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsdomainvalsha2g2 (GET)
Size: 1602 bytes (DER data)
Response time: 546.74629ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: GlobalSign Domain Validation CA - SHA256 - G2 - OCSP Responder
Issued by: GlobalSign Domain Validation CA - SHA256 - G2
Signing certificate validity: 2017-05-04 - 2017-08-04
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: MISS

URL used for GET request

http://ocsp2.globalsign.com/gsdomainvalsha2g2/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTR8bV2%2Be7AwQ96%2FHwxJKnDYl18YQQU6k581IAt5RWBhiaMgm3AmKTPlw8CEhEhtRckNSEpkhOxc%2Br5F8g33A%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBTR8bV2+e7AwQ96/HwxJKnDYl18YQQU6k58
1IAt5RWBhiaMgm3AmKTPlw8CEhEhtRckNSEpkhOxc+r5F8g33A==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGPgoBAKCCBjcwggYzBgkrBgEFBQcwAQEEggYkMIIGIDCBxqIWBBQysc4UiMQc
d8Z9Cy2u/ladOl9OaRgPMjAxNzA1MjUxMDM5MzJaMIGaMIGXMEswCQYFKw4DAhoF
AAQU0fG1dvnuwMEPevx8MSSpw2JdfGEEFOpOfNSALeUVgYYmjIJtwJikz5cPAhIR
IbUXJDUhKZITsXPq+RfIN9yAABgPMjAxNzA1MjUxMDM5MzJaoBEYDzIwMTcwNTI5
MTAzOTMyWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNTI1MTAzOTMyWjANBgkq
hkiG9w0BAQsFAAOCAQEASTznGRx5c8i1XN05RYm6Z0+Yy/+qCXfgOOU+7MraV8M5
0pOsYGRqAp/agPb70F7iXWtY2ugnOdorSYhgFBK3eMTMTu683i1mwQgXvD7yG6T+
f9kavlMak3oEC2IxkZBhMwSK/lnRqokjRzbdgt8B8waAA49CAqt3c/W1+WdwBX3V
aFh01piMZMIhqie6TqfOsajd9mRXaIKIE41q66IhMqE1JDjWDL3Xpl7X5R4FCfh/
kkH3fVW3Qf23TgjotFpdQISsRBBeLyXSjLlOnXZT+96LGj1IS6CD5kdAB8xLYtjd
OHERduK7KkmkteQugRVGcRXH32W7tr2SO3sIR7pIFKCCBD8wggQ7MIIENzCCAx+g
AwIBAgIMT69OOrSkuitSoCJpMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWdu
IERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTcwNTA0MDgx
MjEyWhcNMTcwODA0MDgxMjEyWjCBiDELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEds
b2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwNTA0MDAxOTFHMEUGA1UEAxM+
R2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEcyIC0g
T0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb
uh304Ea0GTo6exeCsHBMm+LKYV8nM9TmJwWBpeR8A8rj2+ry6lX4gLDg3c3/s9/P
hgPRpwgpyPObzB8yWc9fmv7TACbnqFjjSqIY73bx7rc4IjprvDZ/Gz2poaV0h/eA
fs/yp1Gn2/YNwouAg4jntd6MbnrT3b5sidhuQB99BDfTzxkY3TTtJeEegJFtjWVV
UhCdisCnygXOtdx0np4+isy01IH4TznSkIBAv5jSenkXiq6FWnXz/AEoqaR+EijC
j05Lxgv44fcFB2dXIABMG8Iqrc2i+bg2kSiIlz2SqwUdXoK4yKya49NXWCM+eSRv
GoaDwCECXgHibDToh2ZpAgMBAAGjgccwgcQwHQYDVR0OBBYEFDKxzhSIxBx3xn0L
La7+Vp06X05pMB8GA1UdIwQYMBaAFOpOfNSALeUVgYYmjIJtwJikz5cPMA8GCSsG
AQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDgYDVR0P
AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IB
AQA5Iku0td8VPvqitNJu7Olia4Ypt3VQYy/d6XxzR1cFN8JZQZsINlSpsIDhimhk
+kbJOmEw/H3DJ3w7tTAIMVTK7YsTu4C5LUEBvcVlxvcK/ejjjSWjS+rJApILjCUe
35a7pEOUD9Xr38b8WZgAbDafnlXr7nsvHHaERKW0xbYr0A/DqSuqIrm74RJ6QFtD
AL3VY2sAXh69hFJ45hVvWxp8Qty6fX1EPqt5vXRBXPVt0CYWHhKmOTA0IYyS7fag
K0trK5O3RhwgzAC1hanmMHADECSGuWdcXpW7Sa0rOB96yCjFzrHTePoBAZqF3ang
jhcQgc7BTt534iqVZwajKbxW
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIENzCCAx+gAwIBAgIMT69OOrSkuitSoCJpMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN
MTcwNTA0MDgxMjEyWhcNMTcwODA0MDgxMjEyWjCBiDELMAkGA1UEBhMCQkUxGTAX
BgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwNTA0MDAxOTFH
MEUGA1UEAxM+R2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBDQSAtIFNIQTI1
NiAtIEcyIC0gT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCbuh304Ea0GTo6exeCsHBMm+LKYV8nM9TmJwWBpeR8A8rj2+ry6lX4
gLDg3c3/s9/PhgPRpwgpyPObzB8yWc9fmv7TACbnqFjjSqIY73bx7rc4IjprvDZ/
Gz2poaV0h/eAfs/yp1Gn2/YNwouAg4jntd6MbnrT3b5sidhuQB99BDfTzxkY3TTt
JeEegJFtjWVVUhCdisCnygXOtdx0np4+isy01IH4TznSkIBAv5jSenkXiq6FWnXz
/AEoqaR+EijCj05Lxgv44fcFB2dXIABMG8Iqrc2i+bg2kSiIlz2SqwUdXoK4yKya
49NXWCM+eSRvGoaDwCECXgHibDToh2ZpAgMBAAGjgccwgcQwHQYDVR0OBBYEFDKx
zhSIxBx3xn0LLa7+Vp06X05pMB8GA1UdIwQYMBaAFOpOfNSALeUVgYYmjIJtwJik
z5cPMA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAy
BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9y
eS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3
DQEBCwUAA4IBAQA5Iku0td8VPvqitNJu7Olia4Ypt3VQYy/d6XxzR1cFN8JZQZsI
NlSpsIDhimhk+kbJOmEw/H3DJ3w7tTAIMVTK7YsTu4C5LUEBvcVlxvcK/ejjjSWj
S+rJApILjCUe35a7pEOUD9Xr38b8WZgAbDafnlXr7nsvHHaERKW0xbYr0A/DqSuq
Irm74RJ6QFtDAL3VY2sAXh69hFJ45hVvWxp8Qty6fX1EPqt5vXRBXPVt0CYWHhKm
OTA0IYyS7fagK0trK5O3RhwgzAC1hanmMHADECSGuWdcXpW7Sa0rOB96yCjFzrHT
ePoBAZqF3angjhcQgc7BTt534iqVZwajKbxW
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [MISS]
Cf-Ray: [3647df13e56321b0-EWR]
Content-Length: [1602]
Content-Type: [application/ocsp-response]
Date: [Thu, 25 May 2017 10:39:33 GMT]
Etag: ["15267795ea0422a9cdad440c6a7909324308a31a"]
Expires: [Mon, 29 May 2017 10:39:32 GMT]
Last-Modified: [Thu, 25 May 2017 10:39:32 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d2a9fe7c1856de7468b50b66e1e12fd951495708772; expires=Fri, 25-May-18 10:39:32 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp2.globalsign.com/gsdomainvalsha2g2 (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsdomainvalsha2g2 (POST)
Size: 1602 bytes (DER data)
Response time: 1.011118541s
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: GlobalSign Domain Validation CA - SHA256 - G2 - OCSP Responder
Issued by: GlobalSign Domain Validation CA - SHA256 - G2
Signing certificate validity: 2017-05-04 - 2017-08-04
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBTR8bV2+e7AwQ96/HwxJKnDYl18YQQU6k58
1IAt5RWBhiaMgm3AmKTPlw8CEhEhtRckNSEpkhOxc+r5F8g33A==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGPgoBAKCCBjcwggYzBgkrBgEFBQcwAQEEggYkMIIGIDCBxqIWBBQysc4UiMQc
d8Z9Cy2u/ladOl9OaRgPMjAxNzA1MjUxMDM5MzJaMIGaMIGXMEswCQYFKw4DAhoF
AAQU0fG1dvnuwMEPevx8MSSpw2JdfGEEFOpOfNSALeUVgYYmjIJtwJikz5cPAhIR
IbUXJDUhKZITsXPq+RfIN9yAABgPMjAxNzA1MjUxMDM5MzJaoBEYDzIwMTcwNTI5
MTAzOTMyWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNTI1MTAzOTMyWjANBgkq
hkiG9w0BAQsFAAOCAQEASTznGRx5c8i1XN05RYm6Z0+Yy/+qCXfgOOU+7MraV8M5
0pOsYGRqAp/agPb70F7iXWtY2ugnOdorSYhgFBK3eMTMTu683i1mwQgXvD7yG6T+
f9kavlMak3oEC2IxkZBhMwSK/lnRqokjRzbdgt8B8waAA49CAqt3c/W1+WdwBX3V
aFh01piMZMIhqie6TqfOsajd9mRXaIKIE41q66IhMqE1JDjWDL3Xpl7X5R4FCfh/
kkH3fVW3Qf23TgjotFpdQISsRBBeLyXSjLlOnXZT+96LGj1IS6CD5kdAB8xLYtjd
OHERduK7KkmkteQugRVGcRXH32W7tr2SO3sIR7pIFKCCBD8wggQ7MIIENzCCAx+g
AwIBAgIMT69OOrSkuitSoCJpMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWdu
IERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTcwNTA0MDgx
MjEyWhcNMTcwODA0MDgxMjEyWjCBiDELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEds
b2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwNTA0MDAxOTFHMEUGA1UEAxM+
R2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEcyIC0g
T0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb
uh304Ea0GTo6exeCsHBMm+LKYV8nM9TmJwWBpeR8A8rj2+ry6lX4gLDg3c3/s9/P
hgPRpwgpyPObzB8yWc9fmv7TACbnqFjjSqIY73bx7rc4IjprvDZ/Gz2poaV0h/eA
fs/yp1Gn2/YNwouAg4jntd6MbnrT3b5sidhuQB99BDfTzxkY3TTtJeEegJFtjWVV
UhCdisCnygXOtdx0np4+isy01IH4TznSkIBAv5jSenkXiq6FWnXz/AEoqaR+EijC
j05Lxgv44fcFB2dXIABMG8Iqrc2i+bg2kSiIlz2SqwUdXoK4yKya49NXWCM+eSRv
GoaDwCECXgHibDToh2ZpAgMBAAGjgccwgcQwHQYDVR0OBBYEFDKxzhSIxBx3xn0L
La7+Vp06X05pMB8GA1UdIwQYMBaAFOpOfNSALeUVgYYmjIJtwJikz5cPMA8GCSsG
AQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDgYDVR0P
AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IB
AQA5Iku0td8VPvqitNJu7Olia4Ypt3VQYy/d6XxzR1cFN8JZQZsINlSpsIDhimhk
+kbJOmEw/H3DJ3w7tTAIMVTK7YsTu4C5LUEBvcVlxvcK/ejjjSWjS+rJApILjCUe
35a7pEOUD9Xr38b8WZgAbDafnlXr7nsvHHaERKW0xbYr0A/DqSuqIrm74RJ6QFtD
AL3VY2sAXh69hFJ45hVvWxp8Qty6fX1EPqt5vXRBXPVt0CYWHhKmOTA0IYyS7fag
K0trK5O3RhwgzAC1hanmMHADECSGuWdcXpW7Sa0rOB96yCjFzrHTePoBAZqF3ang
jhcQgc7BTt534iqVZwajKbxW
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIENzCCAx+gAwIBAgIMT69OOrSkuitSoCJpMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN
MTcwNTA0MDgxMjEyWhcNMTcwODA0MDgxMjEyWjCBiDELMAkGA1UEBhMCQkUxGTAX
BgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwNTA0MDAxOTFH
MEUGA1UEAxM+R2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBDQSAtIFNIQTI1
NiAtIEcyIC0gT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCbuh304Ea0GTo6exeCsHBMm+LKYV8nM9TmJwWBpeR8A8rj2+ry6lX4
gLDg3c3/s9/PhgPRpwgpyPObzB8yWc9fmv7TACbnqFjjSqIY73bx7rc4IjprvDZ/
Gz2poaV0h/eAfs/yp1Gn2/YNwouAg4jntd6MbnrT3b5sidhuQB99BDfTzxkY3TTt
JeEegJFtjWVVUhCdisCnygXOtdx0np4+isy01IH4TznSkIBAv5jSenkXiq6FWnXz
/AEoqaR+EijCj05Lxgv44fcFB2dXIABMG8Iqrc2i+bg2kSiIlz2SqwUdXoK4yKya
49NXWCM+eSRvGoaDwCECXgHibDToh2ZpAgMBAAGjgccwgcQwHQYDVR0OBBYEFDKx
zhSIxBx3xn0LLa7+Vp06X05pMB8GA1UdIwQYMBaAFOpOfNSALeUVgYYmjIJtwJik
z5cPMA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAy
BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9y
eS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3
DQEBCwUAA4IBAQA5Iku0td8VPvqitNJu7Olia4Ypt3VQYy/d6XxzR1cFN8JZQZsI
NlSpsIDhimhk+kbJOmEw/H3DJ3w7tTAIMVTK7YsTu4C5LUEBvcVlxvcK/ejjjSWj
S+rJApILjCUe35a7pEOUD9Xr38b8WZgAbDafnlXr7nsvHHaERKW0xbYr0A/DqSuq
Irm74RJ6QFtDAL3VY2sAXh69hFJ45hVvWxp8Qty6fX1EPqt5vXRBXPVt0CYWHhKm
OTA0IYyS7fagK0trK5O3RhwgzAC1hanmMHADECSGuWdcXpW7Sa0rOB96yCjFzrHT
ePoBAZqF3angjhcQgc7BTt534iqVZwajKbxW
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3647df13e4a42150-EWR]
Content-Length: [1602]
Content-Type: [application/ocsp-response]
Date: [Thu, 25 May 2017 10:39:33 GMT]
Etag: ["15267795ea0422a9cdad440c6a7909324308a31a"]
Expires: [Mon, 29 May 2017 10:39:32 GMT]
Last-Modified: [Thu, 25 May 2017 10:39:32 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d43cde533cf6a5f1a2a62bdedb93eb70a1495708772; expires=Fri, 25-May-18 10:39:32 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GlobalSign Domain Validation CA - SHA256 - G2 (CA Certificate)

Certificate details for GlobalSign Domain Validation CA - SHA256 - G2 (At position 1 in certificate chain)
Serial number:
hex: 40000000001444ef03e20
int: 4835703278459909592596000
Issued by: GlobalSign Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GlobalSign nv-sa
Country: BE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.