CRL & OCSP report for www.jvsisters.com.au

www.jvsisters.com.au

Certificate details for www.jvsisters.com.au (At position 0 in certificate chain)
Serial number:
hex: 1121b517243521299213b173eaf917c837dc
int: 1492378889372756079966756334067744162461660
Issued by: GlobalSign Domain Validation CA - SHA256 - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization unit: Domain Control Validated by OneClickSSL
Country: AU
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for www.jvsisters.com.au.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl
Size: 110235 bytes (DER data)
Response time: 13.459219ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3385

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare, CloudFront
Cache Information: HIT, Miss from cloudfront

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3556a0c4e6ae2192-EWR]
Content-Length: [110235]
Content-Type: [application/pkix-crl]
Date: [Wed, 26 Apr 2017 03:59:12 GMT]
Etag: [E469]
Expires: [Tue, 02 May 2017 14:56:33 GMT]
Last-Modified: [Tue, 25 Apr 2017 14:56:33 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=dc71e3ab10e2bb8824588992f0b9dcfd91493179152; expires=Thu, 26-Apr-18 03:59:12 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
Via: [1.1 f360bbb3d1999b5324e1d7ae31da1d7e.cloudfront.net (CloudFront)]
X-Amz-Cf-Id: [dp7JJJuMegyYNWZJXmoSq7qWOR1OeEgRSFLrGdbT8sRjphtj914GOg==]
X-Cache: [Miss from cloudfront]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp2.globalsign.com/gsdomainvalsha2g2 (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsdomainvalsha2g2 (POST)
Size: 1602 bytes (DER data)
Response time: 580.124429ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: GlobalSign Domain Validation CA - SHA256 - G2 - OCSP Responder
Issued by: GlobalSign Domain Validation CA - SHA256 - G2
Signing certificate validity: 2017-02-13 - 2017-05-16
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: MISS

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBTR8bV2+e7AwQ96/HwxJKnDYl18YQQU6k58
1IAt5RWBhiaMgm3AmKTPlw8CEhEhtRckNSEpkhOxc+r5F8g33A==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGPgoBAKCCBjcwggYzBgkrBgEFBQcwAQEEggYkMIIGIDCBxqIWBBQysc4UiMQc
d8Z9Cy2u/ladOl9OaRgPMjAxNzA0MjYwMzU5MTJaMIGaMIGXMEswCQYFKw4DAhoF
AAQU0fG1dvnuwMEPevx8MSSpw2JdfGEEFOpOfNSALeUVgYYmjIJtwJikz5cPAhIR
IbUXJDUhKZITsXPq+RfIN9yAABgPMjAxNzA0MjYwMzU5MTJaoBEYDzIwMTcwNDMw
MDM1OTEyWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNDI2MDM1OTEyWjANBgkq
hkiG9w0BAQsFAAOCAQEAkPFlnoPNdM2XCDKBacCgVCUp4FO5MBVxLW3kyn1zRzCV
CR3Iab8R7YO1XC0oECCrWGTWOKJSsnG/fGU4//56W4sXvWf5FvSacoc5IaM2Fs5U
3BxOYKL9Aie/THee1M4p0gt7QL2eBqtLF85p02NKcpE07f+AKFXg1VSiugjkwIh5
n4GfAVX73N2Az4xeRAwWirkW0KDRMZncl2+HrIUdqTaXgOXdzIU7CD+HzONgzIkL
8d4F+2jlh6TMffy6cUULpKtUnFZ8QC7YeGgBZe6+iTDHtC+UCPDcoPTU2vu0lyoT
HCFSmyRqF26FxU6S4M6tWST5RqRYFHq8zLh/LiZi8qCCBD8wggQ7MIIENzCCAx+g
AwIBAgIMQYN5wG/E4PEDFQiRMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWdu
IERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTcwMjEzMDcw
ODUyWhcNMTcwNTE2MDcwODUyWjCBiDELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEds
b2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwMjEzMTUwNDFHMEUGA1UEAxM+
R2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEcyIC0g
T0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb
uh304Ea0GTo6exeCsHBMm+LKYV8nM9TmJwWBpeR8A8rj2+ry6lX4gLDg3c3/s9/P
hgPRpwgpyPObzB8yWc9fmv7TACbnqFjjSqIY73bx7rc4IjprvDZ/Gz2poaV0h/eA
fs/yp1Gn2/YNwouAg4jntd6MbnrT3b5sidhuQB99BDfTzxkY3TTtJeEegJFtjWVV
UhCdisCnygXOtdx0np4+isy01IH4TznSkIBAv5jSenkXiq6FWnXz/AEoqaR+EijC
j05Lxgv44fcFB2dXIABMG8Iqrc2i+bg2kSiIlz2SqwUdXoK4yKya49NXWCM+eSRv
GoaDwCECXgHibDToh2ZpAgMBAAGjgccwgcQwHQYDVR0OBBYEFDKxzhSIxBx3xn0L
La7+Vp06X05pMB8GA1UdIwQYMBaAFOpOfNSALeUVgYYmjIJtwJikz5cPMA8GCSsG
AQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDgYDVR0P
AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IB
AQCG1HIHieTI+TuJF9OzP3SxmieBZtyS8Wz7qgnNe41imT5GmbEbnWow8HVdjXCx
yBxslZAV/4Q8/X3IiC53L4n3en/Ry3kl06yDNqRkR6Ep04l/JOmctbQ/vY73jYdB
ukm6TJne2NbSsXHB/qlaX9wVV2LIuSR4r+QhXQFlOnFtVODEWvPo6vVOqdHc81SJ
dmAshjIfr4FsmsuVfNxHUH3SRZNktpe67ExEFAVf91EvTNFwOa0jtX0+U1RSd0ZC
JS7S31gK6Lyc4sJydVuW3sPXZUudGdKuHEbBAsQWF3ZjN9CU1y6SzVMGzQOnGJXY
XHu8ibeOOMG6Glq8zKTdIFYX
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIENzCCAx+gAwIBAgIMQYN5wG/E4PEDFQiRMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN
MTcwMjEzMDcwODUyWhcNMTcwNTE2MDcwODUyWjCBiDELMAkGA1UEBhMCQkUxGTAX
BgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwMjEzMTUwNDFH
MEUGA1UEAxM+R2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBDQSAtIFNIQTI1
NiAtIEcyIC0gT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCbuh304Ea0GTo6exeCsHBMm+LKYV8nM9TmJwWBpeR8A8rj2+ry6lX4
gLDg3c3/s9/PhgPRpwgpyPObzB8yWc9fmv7TACbnqFjjSqIY73bx7rc4IjprvDZ/
Gz2poaV0h/eAfs/yp1Gn2/YNwouAg4jntd6MbnrT3b5sidhuQB99BDfTzxkY3TTt
JeEegJFtjWVVUhCdisCnygXOtdx0np4+isy01IH4TznSkIBAv5jSenkXiq6FWnXz
/AEoqaR+EijCj05Lxgv44fcFB2dXIABMG8Iqrc2i+bg2kSiIlz2SqwUdXoK4yKya
49NXWCM+eSRvGoaDwCECXgHibDToh2ZpAgMBAAGjgccwgcQwHQYDVR0OBBYEFDKx
zhSIxBx3xn0LLa7+Vp06X05pMB8GA1UdIwQYMBaAFOpOfNSALeUVgYYmjIJtwJik
z5cPMA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAy
BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9y
eS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3
DQEBCwUAA4IBAQCG1HIHieTI+TuJF9OzP3SxmieBZtyS8Wz7qgnNe41imT5GmbEb
nWow8HVdjXCxyBxslZAV/4Q8/X3IiC53L4n3en/Ry3kl06yDNqRkR6Ep04l/JOmc
tbQ/vY73jYdBukm6TJne2NbSsXHB/qlaX9wVV2LIuSR4r+QhXQFlOnFtVODEWvPo
6vVOqdHc81SJdmAshjIfr4FsmsuVfNxHUH3SRZNktpe67ExEFAVf91EvTNFwOa0j
tX0+U1RSd0ZCJS7S31gK6Lyc4sJydVuW3sPXZUudGdKuHEbBAsQWF3ZjN9CU1y6S
zVMGzQOnGJXYXHu8ibeOOMG6Glq8zKTdIFYX
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [MISS]
Cf-Ray: [3556a0c4e25506a9-EWR]
Content-Length: [1602]
Content-Type: [application/ocsp-response]
Date: [Wed, 26 Apr 2017 03:59:12 GMT]
Etag: ["f23b5ac23dad796a2386eb847ded3bc5f3da1e5b"]
Expires: [Sun, 30 Apr 2017 03:59:12 GMT]
Last-Modified: [Wed, 26 Apr 2017 03:59:12 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=dadfd4868e60eefdedc887b4cf584d1de1493179152; expires=Thu, 26-Apr-18 03:59:12 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp2.globalsign.com/gsdomainvalsha2g2 (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsdomainvalsha2g2 (GET)
Size: 1602 bytes (DER data)
Response time: 1.020755718s
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: GlobalSign Domain Validation CA - SHA256 - G2 - OCSP Responder
Issued by: GlobalSign Domain Validation CA - SHA256 - G2
Signing certificate validity: 2017-02-13 - 2017-05-16
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

URL used for GET request

http:/gsdomainvalsha2g2/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTR8bV2%2Be7AwQ96%2FHwxJKnDYl18YQQU6k581IAt5RWBhiaMgm3AmKTPlw8CEhEhtRckNSEpkhOxc%2Br5F8g33A%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBTR8bV2+e7AwQ96/HwxJKnDYl18YQQU6k58
1IAt5RWBhiaMgm3AmKTPlw8CEhEhtRckNSEpkhOxc+r5F8g33A==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGPgoBAKCCBjcwggYzBgkrBgEFBQcwAQEEggYkMIIGIDCBxqIWBBQysc4UiMQc
d8Z9Cy2u/ladOl9OaRgPMjAxNzA0MjYwMzU5MTJaMIGaMIGXMEswCQYFKw4DAhoF
AAQU0fG1dvnuwMEPevx8MSSpw2JdfGEEFOpOfNSALeUVgYYmjIJtwJikz5cPAhIR
IbUXJDUhKZITsXPq+RfIN9yAABgPMjAxNzA0MjYwMzU5MTJaoBEYDzIwMTcwNDMw
MDM1OTEyWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNDI2MDM1OTEyWjANBgkq
hkiG9w0BAQsFAAOCAQEAkPFlnoPNdM2XCDKBacCgVCUp4FO5MBVxLW3kyn1zRzCV
CR3Iab8R7YO1XC0oECCrWGTWOKJSsnG/fGU4//56W4sXvWf5FvSacoc5IaM2Fs5U
3BxOYKL9Aie/THee1M4p0gt7QL2eBqtLF85p02NKcpE07f+AKFXg1VSiugjkwIh5
n4GfAVX73N2Az4xeRAwWirkW0KDRMZncl2+HrIUdqTaXgOXdzIU7CD+HzONgzIkL
8d4F+2jlh6TMffy6cUULpKtUnFZ8QC7YeGgBZe6+iTDHtC+UCPDcoPTU2vu0lyoT
HCFSmyRqF26FxU6S4M6tWST5RqRYFHq8zLh/LiZi8qCCBD8wggQ7MIIENzCCAx+g
AwIBAgIMQYN5wG/E4PEDFQiRMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWdu
IERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTcwMjEzMDcw
ODUyWhcNMTcwNTE2MDcwODUyWjCBiDELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEds
b2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwMjEzMTUwNDFHMEUGA1UEAxM+
R2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEcyIC0g
T0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb
uh304Ea0GTo6exeCsHBMm+LKYV8nM9TmJwWBpeR8A8rj2+ry6lX4gLDg3c3/s9/P
hgPRpwgpyPObzB8yWc9fmv7TACbnqFjjSqIY73bx7rc4IjprvDZ/Gz2poaV0h/eA
fs/yp1Gn2/YNwouAg4jntd6MbnrT3b5sidhuQB99BDfTzxkY3TTtJeEegJFtjWVV
UhCdisCnygXOtdx0np4+isy01IH4TznSkIBAv5jSenkXiq6FWnXz/AEoqaR+EijC
j05Lxgv44fcFB2dXIABMG8Iqrc2i+bg2kSiIlz2SqwUdXoK4yKya49NXWCM+eSRv
GoaDwCECXgHibDToh2ZpAgMBAAGjgccwgcQwHQYDVR0OBBYEFDKxzhSIxBx3xn0L
La7+Vp06X05pMB8GA1UdIwQYMBaAFOpOfNSALeUVgYYmjIJtwJikz5cPMA8GCSsG
AQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDgYDVR0P
AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IB
AQCG1HIHieTI+TuJF9OzP3SxmieBZtyS8Wz7qgnNe41imT5GmbEbnWow8HVdjXCx
yBxslZAV/4Q8/X3IiC53L4n3en/Ry3kl06yDNqRkR6Ep04l/JOmctbQ/vY73jYdB
ukm6TJne2NbSsXHB/qlaX9wVV2LIuSR4r+QhXQFlOnFtVODEWvPo6vVOqdHc81SJ
dmAshjIfr4FsmsuVfNxHUH3SRZNktpe67ExEFAVf91EvTNFwOa0jtX0+U1RSd0ZC
JS7S31gK6Lyc4sJydVuW3sPXZUudGdKuHEbBAsQWF3ZjN9CU1y6SzVMGzQOnGJXY
XHu8ibeOOMG6Glq8zKTdIFYX
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIENzCCAx+gAwIBAgIMQYN5wG/E4PEDFQiRMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN
MTcwMjEzMDcwODUyWhcNMTcwNTE2MDcwODUyWjCBiDELMAkGA1UEBhMCQkUxGTAX
BgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwMjEzMTUwNDFH
MEUGA1UEAxM+R2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBDQSAtIFNIQTI1
NiAtIEcyIC0gT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCbuh304Ea0GTo6exeCsHBMm+LKYV8nM9TmJwWBpeR8A8rj2+ry6lX4
gLDg3c3/s9/PhgPRpwgpyPObzB8yWc9fmv7TACbnqFjjSqIY73bx7rc4IjprvDZ/
Gz2poaV0h/eAfs/yp1Gn2/YNwouAg4jntd6MbnrT3b5sidhuQB99BDfTzxkY3TTt
JeEegJFtjWVVUhCdisCnygXOtdx0np4+isy01IH4TznSkIBAv5jSenkXiq6FWnXz
/AEoqaR+EijCj05Lxgv44fcFB2dXIABMG8Iqrc2i+bg2kSiIlz2SqwUdXoK4yKya
49NXWCM+eSRvGoaDwCECXgHibDToh2ZpAgMBAAGjgccwgcQwHQYDVR0OBBYEFDKx
zhSIxBx3xn0LLa7+Vp06X05pMB8GA1UdIwQYMBaAFOpOfNSALeUVgYYmjIJtwJik
z5cPMA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAy
BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9y
eS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3
DQEBCwUAA4IBAQCG1HIHieTI+TuJF9OzP3SxmieBZtyS8Wz7qgnNe41imT5GmbEb
nWow8HVdjXCxyBxslZAV/4Q8/X3IiC53L4n3en/Ry3kl06yDNqRkR6Ep04l/JOmc
tbQ/vY73jYdBukm6TJne2NbSsXHB/qlaX9wVV2LIuSR4r+QhXQFlOnFtVODEWvPo
6vVOqdHc81SJdmAshjIfr4FsmsuVfNxHUH3SRZNktpe67ExEFAVf91EvTNFwOa0j
tX0+U1RSd0ZCJS7S31gK6Lyc4sJydVuW3sPXZUudGdKuHEbBAsQWF3ZjN9CU1y6S
zVMGzQOnGJXYXHu8ibeOOMG6Glq8zKTdIFYX
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3556a0c4e0802150-EWR]
Content-Length: [1602]
Content-Type: [application/ocsp-response]
Date: [Wed, 26 Apr 2017 03:59:13 GMT]
Etag: ["f23b5ac23dad796a2386eb847ded3bc5f3da1e5b"]
Expires: [Sun, 30 Apr 2017 03:59:12 GMT]
Last-Modified: [Wed, 26 Apr 2017 03:59:12 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=deb7bca30139b1f5527d3938a266f6e231493179152; expires=Thu, 26-Apr-18 03:59:12 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GlobalSign Domain Validation CA - SHA256 - G2 (CA Certificate)

Certificate details for GlobalSign Domain Validation CA - SHA256 - G2 (At position 1 in certificate chain)
Serial number:
hex: 40000000001444ef03e20
int: 4835703278459909592596000
Issued by: GlobalSign Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GlobalSign nv-sa
Country: BE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.