CRL & OCSP report for tevamo.hu (TEVA Gyógyszergyár Zrt.)

tevamo.hu

Certificate details for tevamo.hu (At position 0 in certificate chain)
Serial number:
hex: 49dd0fe60f04016a9c59c87eb688
int: 1498130245381219577382254126478984
Issued by: NetLock Üzleti (Class B) Tanúsítványkiadó
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: TEVA Gyógyszergyár Zrt.
Locality: Gödöllő
Country: HU
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for tevamo.hu.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl1.netlock.hu/index.cgi?crl=cbca

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl1.netlock.hu/index.cgi?crl=cbca
Size: 5960 bytes (DER data)
Response time: 302.12882ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 116

Relevant server response headers

Date:
Expires:

Server and network information

Server Software: nginx

Raw CRL response headers

Cache-Control: [max-age=900]
Content-Disposition: [inline; filename=cbca.crl]
Content-Type: [application/x-pkcs7-crl]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 03:40:51 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field should be byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)
This CRL was cached at
http://crl3.netlock.hu/index.cgi?crl=cbca

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl3.netlock.hu/index.cgi?crl=cbca
Size: 5960 bytes (DER data)
Response time: 336.846055ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 116

Relevant server response headers

Date:
Expires:

Server and network information

Server Software: nginx

Raw CRL response headers

Cache-Control: [max-age=900]
Content-Disposition: [inline; filename=cbca.crl]
Content-Type: [application/x-pkcs7-crl]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 03:43:42 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field should be byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)
This CRL was cached at
http://crl2.netlock.hu/index.cgi?crl=cbca

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl2.netlock.hu/index.cgi?crl=cbca
Size: 5960 bytes (DER data)
Response time: 336.301409ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 116

Relevant server response headers

Date:
Expires:

Server and network information

Server Software: nginx

Raw CRL response headers

Cache-Control: [max-age=28800]
Content-Disposition: [inline; filename=cbca.crl]
Content-Type: [application/x-pkcs7-crl]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 11:39:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field should be byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp2.netlock.hu/cbca.cgi (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.netlock.hu/cbca.cgi (POST)
Size: 1684 bytes (DER data)
Response time: 623.641324ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NETLOCK Üzleti OCSP Kiszolgáló 7
Issued by: NetLock Üzleti (Class B) Tanúsítványkiadó
Signing certificate validity: 2017-06-06 - 2018-06-06
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 2h0m0s

Server and network information

Server Software: nginx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
ME8wTTBLMEkwRzAJBgUrDgMCGgUABBQgTHtg7mE8ZQRXRRt15GXo6syxBQQU8SfE
3lo9NCm48+oPjf520jkIz8ECDkndD+YPBAFqnFnIfraI
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGkAoBAKCCBokwggaFBgkrBgEFBQcwAQEEggZ2MIIGcjCCAQWhgZEwgY4xCzAJ
BgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9jayBL
ZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xnw6FsdGF0w6Fzb2sxLDAq
BgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pvbGfDoWzDsyA3GA8yMDE3
MDYyNTAzMzk1NlowXjBcMEcwCQYFKw4DAhoFAAQUIEx7YO5hPGUEV0UbdeRl6OrM
sQUEFPEnxN5aPTQpuPPqD43+dtI5CM/BAg5J3Q/mDwQBapxZyH62iIAAGA8yMDE3
MDYyNTAzMzk1NlowDQYJKoZIhvcNAQELBQADggEBAJXZNAILaZ4JXHRaDbkRNgmz
gqgVSSZElJKoO9Sni8KHDozZlyDn9HV0c3JlFBEZbReFGvEjZeQfoFueQPC+81Gv
r/P01ZTfP6YjHOgkj1/f7H2h4XraCqQi2/lDS/1GaChMiD1ATZ/0psJ1BNKB+av/
EK3GT2PefF1lYpPqu/6dv8qRnML9uTHI4kKuVVjWyJ/oZp+xTLJQtaSfyMS//awz
3MsXhQCB6cXCNpDvV+Ro2CDq4QryCFN6dwq3QfayWeKd+VcLPsPqFnBsFYRwcMr1
ETKhzRHSx5JKseipRGAT4IILW4cus414so79nbqKpw2VQ8ctuJaRCw6gFBpJKemg
ggRRMIIETTCCBEkwggMxoAMCAQICDkndD+YchD5TygL4RxkmMA0GCSqGSIb3DQEB
CwUAMIGpMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoM
DE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChD
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE3MDUGA1UEAwwuTmV0TG9jayDDnHpsZXRp
IChDbGFzcyBCKSBUYW7DunPDrXR2w6FueWtpYWTDszAeFw0xNzA2MDYxNDA4MTNa
Fw0xODA2MDYxNDA4MTNaMIGOMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
c3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjEnMCUGA1UECwweVmlzc3phdm9uw6Fz
aSBTem9sZ8OhbHRhdMOhc29rMSwwKgYDVQQDDCNORVRMT0NLIMOcemxldGkgT0NT
UCBLaXN6b2xnw6Fsw7MgNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APgEOfa6WNluXX163vzHLwwgldeeNXMJdUU/LaPX+Bj6j8cHuTNsNXF8FHzw17il
IbagsLZFZWvglcPsciNbuPXt1YSNsL+z7JTYhvdKAzjU1iRIgxe49shTYcZqSmed
SO2XZL0f6sQpKjqCe+/QazmkJefOG8LVULSyPLSdKqTjAaK+EjVQiY3fsJhewCJk
6uTiSo56oa61VDIwxVlEsqfybzKO94rfmeihgS+kbtRNZVkUVLZIiWU55/pDGNQz
c4JcFdsDQ12ebE2SqC2CPLMpWZ3fZadKPmhpnthmgWNNAxIR+pTgH3CZXa2zG++L
tY4hOgMggS4ozGnpS+7Zf18CAwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIGQDATBgNVHSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUA
MB8GA1UdIwQYMBaAFPEnxN5aPTQpuPPqD43+dtI5CM/BMB0GA1UdDgQWBBS/gTU6
zaKqTc1TnMWxAAo1pywPWDANBgkqhkiG9w0BAQsFAAOCAQEAn8HAytpr/5YLobnW
Bc5rIqtKn2f8M4b+LW4DAscu0LtMw/HL5FvNL5Kv2mfcqVyL8LVSM+gDiB+4VRtw
SNYqWG3MSOzSS2zALyUndN/Pe3nigFng0u+RoloBP+wacw7/SUwTNljYU2eSoR/U
evP3eHK303C3hNbrRvsJuo96gkLBWSYnk0yAJsGFRNI6195emt2IKLZeN0DJCR44
MU0kSw5Tzh3HO8Lt/Mrcy1e1OSlfKIq7YHkUtN8W1Hg6I1dUOR+eWh91g4D4uPSO
QW1Y2Jd8C0ECg3Gvfz+8LfeGII06E4Snj3YWsrtT2S38iBfeOILekjKDSyQNASnO
7tjZiQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIESTCCAzGgAwIBAgIOSd0P5hyEPlPKAvhHGSYwDQYJKoZIhvcNAQELBQAwgakx
CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
YXRpb24gU2VydmljZXMpMTcwNQYDVQQDDC5OZXRMb2NrIMOcemxldGkgKENsYXNz
IEIpIFRhbsO6c8OtdHbDoW55a2lhZMOzMB4XDTE3MDYwNjE0MDgxM1oXDTE4MDYw
NjE0MDgxM1owgY4xCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMG
A1UECgwMTmV0TG9jayBLZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xn
w6FsdGF0w6Fzb2sxLDAqBgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pv
bGfDoWzDsyA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+AQ59rpY
2W5dfXre/McvDCCV1541cwl1RT8to9f4GPqPxwe5M2w1cXwUfPDXuKUhtqCwtkVl
a+CVw+xyI1u49e3VhI2wv7PslNiG90oDONTWJEiDF7j2yFNhxmpKZ51I7ZdkvR/q
xCkqOoJ779BrOaQl584bwtVQtLI8tJ0qpOMBor4SNVCJjd+wmF7AImTq5OJKjnqh
rrVUMjDFWUSyp/JvMo73it+Z6KGBL6Ru1E1lWRRUtkiJZTnn+kMY1DNzglwV2wND
XZ5sTZKoLYI8sylZnd9lp0o+aGme2GaBY00DEhH6lOAfcJldrbMb74u1jiE6AyCB
LijMaelL7tl/XwIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQD
AgZAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0j
BBgwFoAU8SfE3lo9NCm48+oPjf520jkIz8EwHQYDVR0OBBYEFL+BNTrNoqpNzVOc
xbEACjWnLA9YMA0GCSqGSIb3DQEBCwUAA4IBAQCfwcDK2mv/lguhudYFzmsiq0qf
Z/wzhv4tbgMCxy7Qu0zD8cvkW80vkq/aZ9ypXIvwtVIz6AOIH7hVG3BI1ipYbcxI
7NJLbMAvJSd03897eeKAWeDS75GiWgE/7BpzDv9JTBM2WNhTZ5KhH9R68/d4crfT
cLeE1utG+wm6j3qCQsFZJieTTIAmwYVE0jrX3l6a3Ygotl43QMkJHjgxTSRLDlPO
Hcc7wu38ytzLV7U5KV8oirtgeRS03xbUeDojV1Q5H55aH3WDgPi49I5BbVjYl3wL
QQKDca9/P7wt94YgjToThKePdhayu1PZLfyIF944gt6SMoNLJA0BKc7u2NmJ
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=7200, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 05:39:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response must be valid for at least 8 hours (Microsoft)
  • OCSP response must be available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://ocsp3.netlock.hu/cbca.cgi (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp3.netlock.hu/cbca.cgi (POST)
Size: 1684 bytes (DER data)
Response time: 646.88248ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NETLOCK Üzleti OCSP Kiszolgáló 7
Issued by: NetLock Üzleti (Class B) Tanúsítványkiadó
Signing certificate validity: 2017-06-06 - 2018-06-06
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 10m0s

Server and network information

Server Software: nginx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
ME8wTTBLMEkwRzAJBgUrDgMCGgUABBQgTHtg7mE8ZQRXRRt15GXo6syxBQQU8SfE
3lo9NCm48+oPjf520jkIz8ECDkndD+YPBAFqnFnIfraI
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGkAoBAKCCBokwggaFBgkrBgEFBQcwAQEEggZ2MIIGcjCCAQWhgZEwgY4xCzAJ
BgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9jayBL
ZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xnw6FsdGF0w6Fzb2sxLDAq
BgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pvbGfDoWzDsyA3GA8yMDE3
MDYyNTAzMzk1NlowXjBcMEcwCQYFKw4DAhoFAAQUIEx7YO5hPGUEV0UbdeRl6OrM
sQUEFPEnxN5aPTQpuPPqD43+dtI5CM/BAg5J3Q/mDwQBapxZyH62iIAAGA8yMDE3
MDYyNTAzMzk1NlowDQYJKoZIhvcNAQELBQADggEBAJXZNAILaZ4JXHRaDbkRNgmz
gqgVSSZElJKoO9Sni8KHDozZlyDn9HV0c3JlFBEZbReFGvEjZeQfoFueQPC+81Gv
r/P01ZTfP6YjHOgkj1/f7H2h4XraCqQi2/lDS/1GaChMiD1ATZ/0psJ1BNKB+av/
EK3GT2PefF1lYpPqu/6dv8qRnML9uTHI4kKuVVjWyJ/oZp+xTLJQtaSfyMS//awz
3MsXhQCB6cXCNpDvV+Ro2CDq4QryCFN6dwq3QfayWeKd+VcLPsPqFnBsFYRwcMr1
ETKhzRHSx5JKseipRGAT4IILW4cus414so79nbqKpw2VQ8ctuJaRCw6gFBpJKemg
ggRRMIIETTCCBEkwggMxoAMCAQICDkndD+YchD5TygL4RxkmMA0GCSqGSIb3DQEB
CwUAMIGpMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoM
DE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChD
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE3MDUGA1UEAwwuTmV0TG9jayDDnHpsZXRp
IChDbGFzcyBCKSBUYW7DunPDrXR2w6FueWtpYWTDszAeFw0xNzA2MDYxNDA4MTNa
Fw0xODA2MDYxNDA4MTNaMIGOMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
c3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjEnMCUGA1UECwweVmlzc3phdm9uw6Fz
aSBTem9sZ8OhbHRhdMOhc29rMSwwKgYDVQQDDCNORVRMT0NLIMOcemxldGkgT0NT
UCBLaXN6b2xnw6Fsw7MgNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APgEOfa6WNluXX163vzHLwwgldeeNXMJdUU/LaPX+Bj6j8cHuTNsNXF8FHzw17il
IbagsLZFZWvglcPsciNbuPXt1YSNsL+z7JTYhvdKAzjU1iRIgxe49shTYcZqSmed
SO2XZL0f6sQpKjqCe+/QazmkJefOG8LVULSyPLSdKqTjAaK+EjVQiY3fsJhewCJk
6uTiSo56oa61VDIwxVlEsqfybzKO94rfmeihgS+kbtRNZVkUVLZIiWU55/pDGNQz
c4JcFdsDQ12ebE2SqC2CPLMpWZ3fZadKPmhpnthmgWNNAxIR+pTgH3CZXa2zG++L
tY4hOgMggS4ozGnpS+7Zf18CAwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIGQDATBgNVHSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUA
MB8GA1UdIwQYMBaAFPEnxN5aPTQpuPPqD43+dtI5CM/BMB0GA1UdDgQWBBS/gTU6
zaKqTc1TnMWxAAo1pywPWDANBgkqhkiG9w0BAQsFAAOCAQEAn8HAytpr/5YLobnW
Bc5rIqtKn2f8M4b+LW4DAscu0LtMw/HL5FvNL5Kv2mfcqVyL8LVSM+gDiB+4VRtw
SNYqWG3MSOzSS2zALyUndN/Pe3nigFng0u+RoloBP+wacw7/SUwTNljYU2eSoR/U
evP3eHK303C3hNbrRvsJuo96gkLBWSYnk0yAJsGFRNI6195emt2IKLZeN0DJCR44
MU0kSw5Tzh3HO8Lt/Mrcy1e1OSlfKIq7YHkUtN8W1Hg6I1dUOR+eWh91g4D4uPSO
QW1Y2Jd8C0ECg3Gvfz+8LfeGII06E4Snj3YWsrtT2S38iBfeOILekjKDSyQNASnO
7tjZiQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIESTCCAzGgAwIBAgIOSd0P5hyEPlPKAvhHGSYwDQYJKoZIhvcNAQELBQAwgakx
CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
YXRpb24gU2VydmljZXMpMTcwNQYDVQQDDC5OZXRMb2NrIMOcemxldGkgKENsYXNz
IEIpIFRhbsO6c8OtdHbDoW55a2lhZMOzMB4XDTE3MDYwNjE0MDgxM1oXDTE4MDYw
NjE0MDgxM1owgY4xCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMG
A1UECgwMTmV0TG9jayBLZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xn
w6FsdGF0w6Fzb2sxLDAqBgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pv
bGfDoWzDsyA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+AQ59rpY
2W5dfXre/McvDCCV1541cwl1RT8to9f4GPqPxwe5M2w1cXwUfPDXuKUhtqCwtkVl
a+CVw+xyI1u49e3VhI2wv7PslNiG90oDONTWJEiDF7j2yFNhxmpKZ51I7ZdkvR/q
xCkqOoJ779BrOaQl584bwtVQtLI8tJ0qpOMBor4SNVCJjd+wmF7AImTq5OJKjnqh
rrVUMjDFWUSyp/JvMo73it+Z6KGBL6Ru1E1lWRRUtkiJZTnn+kMY1DNzglwV2wND
XZ5sTZKoLYI8sylZnd9lp0o+aGme2GaBY00DEhH6lOAfcJldrbMb74u1jiE6AyCB
LijMaelL7tl/XwIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQD
AgZAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0j
BBgwFoAU8SfE3lo9NCm48+oPjf520jkIz8EwHQYDVR0OBBYEFL+BNTrNoqpNzVOc
xbEACjWnLA9YMA0GCSqGSIb3DQEBCwUAA4IBAQCfwcDK2mv/lguhudYFzmsiq0qf
Z/wzhv4tbgMCxy7Qu0zD8cvkW80vkq/aZ9ypXIvwtVIz6AOIH7hVG3BI1ipYbcxI
7NJLbMAvJSd03897eeKAWeDS75GiWgE/7BpzDv9JTBM2WNhTZ5KhH9R68/d4crfT
cLeE1utG+wm6j3qCQsFZJieTTIAmwYVE0jrX3l6a3Ygotl43QMkJHjgxTSRLDlPO
Hcc7wu38ytzLV7U5KV8oirtgeRS03xbUeDojV1Q5H55aH3WDgPi49I5BbVjYl3wL
QQKDca9/P7wt94YgjToThKePdhayu1PZLfyIF944gt6SMoNLJA0BKc7u2NmJ
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=600, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 03:49:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response must be valid for at least 8 hours (Microsoft)
  • OCSP response must be available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://ocsp2.netlock.hu/cbca.cgi (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.netlock.hu/cbca.cgi (GET)
Size: 1684 bytes (DER data)
Response time: 700.49705ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NETLOCK Üzleti OCSP Kiszolgáló 7
Issued by: NetLock Üzleti (Class B) Tanúsítványkiadó
Signing certificate validity: 2017-06-06 - 2018-06-06
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 10m0s

Server and network information

Server Software: nginx

URL used for GET request

http://ocsp2.netlock.hu/cbca.cgi/ME8wTTBLMEkwRzAJBgUrDgMCGgUABBQgTHtg7mE8ZQRXRRt15GXo6syxBQQU8SfE3lo9NCm48%2BoPjf520jkIz8ECDkndD%2BYPBAFqnFnIfraI

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
ME8wTTBLMEkwRzAJBgUrDgMCGgUABBQgTHtg7mE8ZQRXRRt15GXo6syxBQQU8SfE
3lo9NCm48+oPjf520jkIz8ECDkndD+YPBAFqnFnIfraI
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGkAoBAKCCBokwggaFBgkrBgEFBQcwAQEEggZ2MIIGcjCCAQWhgZEwgY4xCzAJ
BgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9jayBL
ZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xnw6FsdGF0w6Fzb2sxLDAq
BgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pvbGfDoWzDsyA3GA8yMDE3
MDYyNTAzMzk1NlowXjBcMEcwCQYFKw4DAhoFAAQUIEx7YO5hPGUEV0UbdeRl6OrM
sQUEFPEnxN5aPTQpuPPqD43+dtI5CM/BAg5J3Q/mDwQBapxZyH62iIAAGA8yMDE3
MDYyNTAzMzk1NlowDQYJKoZIhvcNAQELBQADggEBAJXZNAILaZ4JXHRaDbkRNgmz
gqgVSSZElJKoO9Sni8KHDozZlyDn9HV0c3JlFBEZbReFGvEjZeQfoFueQPC+81Gv
r/P01ZTfP6YjHOgkj1/f7H2h4XraCqQi2/lDS/1GaChMiD1ATZ/0psJ1BNKB+av/
EK3GT2PefF1lYpPqu/6dv8qRnML9uTHI4kKuVVjWyJ/oZp+xTLJQtaSfyMS//awz
3MsXhQCB6cXCNpDvV+Ro2CDq4QryCFN6dwq3QfayWeKd+VcLPsPqFnBsFYRwcMr1
ETKhzRHSx5JKseipRGAT4IILW4cus414so79nbqKpw2VQ8ctuJaRCw6gFBpJKemg
ggRRMIIETTCCBEkwggMxoAMCAQICDkndD+YchD5TygL4RxkmMA0GCSqGSIb3DQEB
CwUAMIGpMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoM
DE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChD
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE3MDUGA1UEAwwuTmV0TG9jayDDnHpsZXRp
IChDbGFzcyBCKSBUYW7DunPDrXR2w6FueWtpYWTDszAeFw0xNzA2MDYxNDA4MTNa
Fw0xODA2MDYxNDA4MTNaMIGOMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
c3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjEnMCUGA1UECwweVmlzc3phdm9uw6Fz
aSBTem9sZ8OhbHRhdMOhc29rMSwwKgYDVQQDDCNORVRMT0NLIMOcemxldGkgT0NT
UCBLaXN6b2xnw6Fsw7MgNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APgEOfa6WNluXX163vzHLwwgldeeNXMJdUU/LaPX+Bj6j8cHuTNsNXF8FHzw17il
IbagsLZFZWvglcPsciNbuPXt1YSNsL+z7JTYhvdKAzjU1iRIgxe49shTYcZqSmed
SO2XZL0f6sQpKjqCe+/QazmkJefOG8LVULSyPLSdKqTjAaK+EjVQiY3fsJhewCJk
6uTiSo56oa61VDIwxVlEsqfybzKO94rfmeihgS+kbtRNZVkUVLZIiWU55/pDGNQz
c4JcFdsDQ12ebE2SqC2CPLMpWZ3fZadKPmhpnthmgWNNAxIR+pTgH3CZXa2zG++L
tY4hOgMggS4ozGnpS+7Zf18CAwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIGQDATBgNVHSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUA
MB8GA1UdIwQYMBaAFPEnxN5aPTQpuPPqD43+dtI5CM/BMB0GA1UdDgQWBBS/gTU6
zaKqTc1TnMWxAAo1pywPWDANBgkqhkiG9w0BAQsFAAOCAQEAn8HAytpr/5YLobnW
Bc5rIqtKn2f8M4b+LW4DAscu0LtMw/HL5FvNL5Kv2mfcqVyL8LVSM+gDiB+4VRtw
SNYqWG3MSOzSS2zALyUndN/Pe3nigFng0u+RoloBP+wacw7/SUwTNljYU2eSoR/U
evP3eHK303C3hNbrRvsJuo96gkLBWSYnk0yAJsGFRNI6195emt2IKLZeN0DJCR44
MU0kSw5Tzh3HO8Lt/Mrcy1e1OSlfKIq7YHkUtN8W1Hg6I1dUOR+eWh91g4D4uPSO
QW1Y2Jd8C0ECg3Gvfz+8LfeGII06E4Snj3YWsrtT2S38iBfeOILekjKDSyQNASnO
7tjZiQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIESTCCAzGgAwIBAgIOSd0P5hyEPlPKAvhHGSYwDQYJKoZIhvcNAQELBQAwgakx
CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
YXRpb24gU2VydmljZXMpMTcwNQYDVQQDDC5OZXRMb2NrIMOcemxldGkgKENsYXNz
IEIpIFRhbsO6c8OtdHbDoW55a2lhZMOzMB4XDTE3MDYwNjE0MDgxM1oXDTE4MDYw
NjE0MDgxM1owgY4xCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMG
A1UECgwMTmV0TG9jayBLZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xn
w6FsdGF0w6Fzb2sxLDAqBgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pv
bGfDoWzDsyA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+AQ59rpY
2W5dfXre/McvDCCV1541cwl1RT8to9f4GPqPxwe5M2w1cXwUfPDXuKUhtqCwtkVl
a+CVw+xyI1u49e3VhI2wv7PslNiG90oDONTWJEiDF7j2yFNhxmpKZ51I7ZdkvR/q
xCkqOoJ779BrOaQl584bwtVQtLI8tJ0qpOMBor4SNVCJjd+wmF7AImTq5OJKjnqh
rrVUMjDFWUSyp/JvMo73it+Z6KGBL6Ru1E1lWRRUtkiJZTnn+kMY1DNzglwV2wND
XZ5sTZKoLYI8sylZnd9lp0o+aGme2GaBY00DEhH6lOAfcJldrbMb74u1jiE6AyCB
LijMaelL7tl/XwIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQD
AgZAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0j
BBgwFoAU8SfE3lo9NCm48+oPjf520jkIz8EwHQYDVR0OBBYEFL+BNTrNoqpNzVOc
xbEACjWnLA9YMA0GCSqGSIb3DQEBCwUAA4IBAQCfwcDK2mv/lguhudYFzmsiq0qf
Z/wzhv4tbgMCxy7Qu0zD8cvkW80vkq/aZ9ypXIvwtVIz6AOIH7hVG3BI1ipYbcxI
7NJLbMAvJSd03897eeKAWeDS75GiWgE/7BpzDv9JTBM2WNhTZ5KhH9R68/d4crfT
cLeE1utG+wm6j3qCQsFZJieTTIAmwYVE0jrX3l6a3Ygotl43QMkJHjgxTSRLDlPO
Hcc7wu38ytzLV7U5KV8oirtgeRS03xbUeDojV1Q5H55aH3WDgPi49I5BbVjYl3wL
QQKDca9/P7wt94YgjToThKePdhayu1PZLfyIF944gt6SMoNLJA0BKc7u2NmJ
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=600, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Etag: [OK, resp: cbca, retcode: [1]]
Expires: [Sun, 25 Jun 2017 03:49:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response must be valid for at least 8 hours (Microsoft)
  • OCSP response must be available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://ocsp1.netlock.hu/cbca.cgi (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp1.netlock.hu/cbca.cgi (POST)
Size: 1684 bytes (DER data)
Response time: 770.348516ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NETLOCK Üzleti OCSP Kiszolgáló 7
Issued by: NetLock Üzleti (Class B) Tanúsítványkiadó
Signing certificate validity: 2017-06-06 - 2018-06-06
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 10m0s

Server and network information

Server Software: nginx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
ME8wTTBLMEkwRzAJBgUrDgMCGgUABBQgTHtg7mE8ZQRXRRt15GXo6syxBQQU8SfE
3lo9NCm48+oPjf520jkIz8ECDkndD+YPBAFqnFnIfraI
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGkAoBAKCCBokwggaFBgkrBgEFBQcwAQEEggZ2MIIGcjCCAQWhgZEwgY4xCzAJ
BgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9jayBL
ZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xnw6FsdGF0w6Fzb2sxLDAq
BgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pvbGfDoWzDsyA3GA8yMDE3
MDYyNTAzMzk1NlowXjBcMEcwCQYFKw4DAhoFAAQUIEx7YO5hPGUEV0UbdeRl6OrM
sQUEFPEnxN5aPTQpuPPqD43+dtI5CM/BAg5J3Q/mDwQBapxZyH62iIAAGA8yMDE3
MDYyNTAzMzk1NlowDQYJKoZIhvcNAQELBQADggEBAJXZNAILaZ4JXHRaDbkRNgmz
gqgVSSZElJKoO9Sni8KHDozZlyDn9HV0c3JlFBEZbReFGvEjZeQfoFueQPC+81Gv
r/P01ZTfP6YjHOgkj1/f7H2h4XraCqQi2/lDS/1GaChMiD1ATZ/0psJ1BNKB+av/
EK3GT2PefF1lYpPqu/6dv8qRnML9uTHI4kKuVVjWyJ/oZp+xTLJQtaSfyMS//awz
3MsXhQCB6cXCNpDvV+Ro2CDq4QryCFN6dwq3QfayWeKd+VcLPsPqFnBsFYRwcMr1
ETKhzRHSx5JKseipRGAT4IILW4cus414so79nbqKpw2VQ8ctuJaRCw6gFBpJKemg
ggRRMIIETTCCBEkwggMxoAMCAQICDkndD+YchD5TygL4RxkmMA0GCSqGSIb3DQEB
CwUAMIGpMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoM
DE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChD
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE3MDUGA1UEAwwuTmV0TG9jayDDnHpsZXRp
IChDbGFzcyBCKSBUYW7DunPDrXR2w6FueWtpYWTDszAeFw0xNzA2MDYxNDA4MTNa
Fw0xODA2MDYxNDA4MTNaMIGOMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
c3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjEnMCUGA1UECwweVmlzc3phdm9uw6Fz
aSBTem9sZ8OhbHRhdMOhc29rMSwwKgYDVQQDDCNORVRMT0NLIMOcemxldGkgT0NT
UCBLaXN6b2xnw6Fsw7MgNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APgEOfa6WNluXX163vzHLwwgldeeNXMJdUU/LaPX+Bj6j8cHuTNsNXF8FHzw17il
IbagsLZFZWvglcPsciNbuPXt1YSNsL+z7JTYhvdKAzjU1iRIgxe49shTYcZqSmed
SO2XZL0f6sQpKjqCe+/QazmkJefOG8LVULSyPLSdKqTjAaK+EjVQiY3fsJhewCJk
6uTiSo56oa61VDIwxVlEsqfybzKO94rfmeihgS+kbtRNZVkUVLZIiWU55/pDGNQz
c4JcFdsDQ12ebE2SqC2CPLMpWZ3fZadKPmhpnthmgWNNAxIR+pTgH3CZXa2zG++L
tY4hOgMggS4ozGnpS+7Zf18CAwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIGQDATBgNVHSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUA
MB8GA1UdIwQYMBaAFPEnxN5aPTQpuPPqD43+dtI5CM/BMB0GA1UdDgQWBBS/gTU6
zaKqTc1TnMWxAAo1pywPWDANBgkqhkiG9w0BAQsFAAOCAQEAn8HAytpr/5YLobnW
Bc5rIqtKn2f8M4b+LW4DAscu0LtMw/HL5FvNL5Kv2mfcqVyL8LVSM+gDiB+4VRtw
SNYqWG3MSOzSS2zALyUndN/Pe3nigFng0u+RoloBP+wacw7/SUwTNljYU2eSoR/U
evP3eHK303C3hNbrRvsJuo96gkLBWSYnk0yAJsGFRNI6195emt2IKLZeN0DJCR44
MU0kSw5Tzh3HO8Lt/Mrcy1e1OSlfKIq7YHkUtN8W1Hg6I1dUOR+eWh91g4D4uPSO
QW1Y2Jd8C0ECg3Gvfz+8LfeGII06E4Snj3YWsrtT2S38iBfeOILekjKDSyQNASnO
7tjZiQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIESTCCAzGgAwIBAgIOSd0P5hyEPlPKAvhHGSYwDQYJKoZIhvcNAQELBQAwgakx
CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
YXRpb24gU2VydmljZXMpMTcwNQYDVQQDDC5OZXRMb2NrIMOcemxldGkgKENsYXNz
IEIpIFRhbsO6c8OtdHbDoW55a2lhZMOzMB4XDTE3MDYwNjE0MDgxM1oXDTE4MDYw
NjE0MDgxM1owgY4xCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMG
A1UECgwMTmV0TG9jayBLZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xn
w6FsdGF0w6Fzb2sxLDAqBgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pv
bGfDoWzDsyA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+AQ59rpY
2W5dfXre/McvDCCV1541cwl1RT8to9f4GPqPxwe5M2w1cXwUfPDXuKUhtqCwtkVl
a+CVw+xyI1u49e3VhI2wv7PslNiG90oDONTWJEiDF7j2yFNhxmpKZ51I7ZdkvR/q
xCkqOoJ779BrOaQl584bwtVQtLI8tJ0qpOMBor4SNVCJjd+wmF7AImTq5OJKjnqh
rrVUMjDFWUSyp/JvMo73it+Z6KGBL6Ru1E1lWRRUtkiJZTnn+kMY1DNzglwV2wND
XZ5sTZKoLYI8sylZnd9lp0o+aGme2GaBY00DEhH6lOAfcJldrbMb74u1jiE6AyCB
LijMaelL7tl/XwIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQD
AgZAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0j
BBgwFoAU8SfE3lo9NCm48+oPjf520jkIz8EwHQYDVR0OBBYEFL+BNTrNoqpNzVOc
xbEACjWnLA9YMA0GCSqGSIb3DQEBCwUAA4IBAQCfwcDK2mv/lguhudYFzmsiq0qf
Z/wzhv4tbgMCxy7Qu0zD8cvkW80vkq/aZ9ypXIvwtVIz6AOIH7hVG3BI1ipYbcxI
7NJLbMAvJSd03897eeKAWeDS75GiWgE/7BpzDv9JTBM2WNhTZ5KhH9R68/d4crfT
cLeE1utG+wm6j3qCQsFZJieTTIAmwYVE0jrX3l6a3Ygotl43QMkJHjgxTSRLDlPO
Hcc7wu38ytzLV7U5KV8oirtgeRS03xbUeDojV1Q5H55aH3WDgPi49I5BbVjYl3wL
QQKDca9/P7wt94YgjToThKePdhayu1PZLfyIF944gt6SMoNLJA0BKc7u2NmJ
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=600, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 03:49:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response must be valid for at least 8 hours (Microsoft)
  • OCSP response must be available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://ocsp1.netlock.hu/cbca.cgi (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp1.netlock.hu/cbca.cgi (GET)
Size: 1684 bytes (DER data)
Response time: 798.938882ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NETLOCK Üzleti OCSP Kiszolgáló 3
Issued by: NetLock Üzleti (Class B) Tanúsítványkiadó
Signing certificate validity: 2017-02-09 - 2018-02-09
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 10m0s

Server and network information

Server Software: nginx

URL used for GET request

http://ocsp1.netlock.hu/cbca.cgi/ME8wTTBLMEkwRzAJBgUrDgMCGgUABBQgTHtg7mE8ZQRXRRt15GXo6syxBQQU8SfE3lo9NCm48%2BoPjf520jkIz8ECDkndD%2BYPBAFqnFnIfraI

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
ME8wTTBLMEkwRzAJBgUrDgMCGgUABBQgTHtg7mE8ZQRXRRt15GXo6syxBQQU8SfE
3lo9NCm48+oPjf520jkIz8ECDkndD+YPBAFqnFnIfraI
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGkAoBAKCCBokwggaFBgkrBgEFBQcwAQEEggZ2MIIGcjCCAQWhgZEwgY4xCzAJ
BgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTkVUTE9DSyBL
ZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xnw6FsdGF0w6Fzb2sxLDAq
BgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pvbGfDoWzDsyAzGA8yMDE3
MDYyNTAzMzk1NlowXjBcMEcwCQYFKw4DAhoFAAQUIEx7YO5hPGUEV0UbdeRl6OrM
sQUEFPEnxN5aPTQpuPPqD43+dtI5CM/BAg5J3Q/mDwQBapxZyH62iIAAGA8yMDE3
MDYyNTAzMzk1NlowDQYJKoZIhvcNAQELBQADggEBALIgqv8/08mp5rctSMHEAXur
JO4pEfoJY/IfJuIoHgxcI6RMkGgc6nqvKiIPJzLYPLQBIWK82iwJa5rJcuiGVM6q
eT9REYUVmKdWFu1WsDiAS9DcjZv/gXr5Ov8RSZK4QFOkUXi21WXMK4w68ojg20Tz
mvJ2eNRcYmi23ZkgN0td2MmDV6uROgFTpsHcOAaEVhIqCybJfZk0YCK9VUu/6rTf
NuH6aUApL7mdafG3pMZ7Rs4Jb1z1TvI5/Ra7yQO+8Lr1LKZSFcHzjL3qIuYCM5Yb
McCu07zHsxStzXBLiIEgiRv1CxyOqfHVjJM9AdmQQwXSynEtU3Xmmdk2GzKjolug
ggRRMIIETTCCBEkwggMxoAMCAQICDkndD+YZv+zgBXaBdJ9tMA0GCSqGSIb3DQEB
CwUAMIGpMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoM
DE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChD
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE3MDUGA1UEAwwuTmV0TG9jayDDnHpsZXRp
IChDbGFzcyBCKSBUYW7DunPDrXR2w6FueWtpYWTDszAeFw0xNzAyMDkxNDM4MTla
Fw0xODAyMDkxNDM4MTlaMIGOMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
c3QxFTATBgNVBAoMDE5FVExPQ0sgS2Z0LjEnMCUGA1UECwweVmlzc3phdm9uw6Fz
aSBTem9sZ8OhbHRhdMOhc29rMSwwKgYDVQQDDCNORVRMT0NLIMOcemxldGkgT0NT
UCBLaXN6b2xnw6Fsw7MgMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALMeJ1M4LI3uJlqfCjDqqmf37TWGq/mTyFtsL28ejchmJsFEjha+Cd4p3ScFxio8
F73Enj41Fa0JYLdvuD2RBEdlHacwvhuGAAUUEB/DE/tZY4+NOHBk6Tk8Mz2kthzB
AIHm/znkXayuLLCSwDPuZ3am/kXbd9Ho8gF/x8o5qy3mjwPQY2jOEIBcJWm1Jjvx
6iKkJMllAJzZfudHMLabpn104eAkRYmhJznj5+WpQFJ4ubNYVis/mwzG82dPlE0w
zt+CWOm4p4fyXf7OX0vnbrYRL/0odwvsXYhJwJhoLooDN+5sBJt9Iq1JiK26fnCB
nTlLVHtxjxueDTHvFQyP298CAwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIGQDATBgNVHSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUA
MB8GA1UdIwQYMBaAFPEnxN5aPTQpuPPqD43+dtI5CM/BMB0GA1UdDgQWBBQZBtEk
v7hcmKV+4N4BCWg4bLTTpzANBgkqhkiG9w0BAQsFAAOCAQEABd51IMyTP3ewef57
lHHUGj3X7+W3w3hzYduR/geo5yBGyKsy6y4wAle6jaNpM6nZ48PypeTaWHWHptiy
Mm25dQ/xFmmzwOq8ZEArEVb5cR5uQJsUkCAkJkm2qaVA98PNVnwXvbvj4nnGqtRl
JEOTBPI1VxhWTEr8sKR8OiwhqduxQbnXdG34QL24vcrAXT0KS1LejkCmdCj3bDJk
NVQDBj/yzVKk1w4cywVA1Y3DE1F6RseQ6ltYrxWKJKQ1s9jjfjqasiFdeypmietW
s5Bp5nCzDO+w9l1pf7qP/AXVdodqgJpGKkTbtYx95dCZ24JkLJZJYxguFm6mwLVK
R3/M9g==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIESTCCAzGgAwIBAgIOSd0P5hm/7OAFdoF0n20wDQYJKoZIhvcNAQELBQAwgakx
CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
YXRpb24gU2VydmljZXMpMTcwNQYDVQQDDC5OZXRMb2NrIMOcemxldGkgKENsYXNz
IEIpIFRhbsO6c8OtdHbDoW55a2lhZMOzMB4XDTE3MDIwOTE0MzgxOVoXDTE4MDIw
OTE0MzgxOVowgY4xCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMG
A1UECgwMTkVUTE9DSyBLZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xn
w6FsdGF0w6Fzb2sxLDAqBgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pv
bGfDoWzDsyAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx4nUzgs
je4mWp8KMOqqZ/ftNYar+ZPIW2wvbx6NyGYmwUSOFr4J3indJwXGKjwXvcSePjUV
rQlgt2+4PZEER2UdpzC+G4YABRQQH8MT+1ljj404cGTpOTwzPaS2HMEAgeb/OeRd
rK4ssJLAM+5ndqb+Rdt30ejyAX/HyjmrLeaPA9BjaM4QgFwlabUmO/HqIqQkyWUA
nNl+50cwtpumfXTh4CRFiaEnOePn5alAUni5s1hWKz+bDMbzZ0+UTTDO34JY6bin
h/Jd/s5fS+duthEv/Sh3C+xdiEnAmGguigM37mwEm30irUmIrbp+cIGdOUtUe3GP
G54NMe8VDI/b3wIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQD
AgZAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0j
BBgwFoAU8SfE3lo9NCm48+oPjf520jkIz8EwHQYDVR0OBBYEFBkG0SS/uFyYpX7g
3gEJaDhstNOnMA0GCSqGSIb3DQEBCwUAA4IBAQAF3nUgzJM/d7B5/nuUcdQaPdfv
5bfDeHNh25H+B6jnIEbIqzLrLjACV7qNo2kzqdnjw/Kl5NpYdYem2LIybbl1D/EW
abPA6rxkQCsRVvlxHm5AmxSQICQmSbappUD3w81WfBe9u+Piecaq1GUkQ5ME8jVX
GFZMSvywpHw6LCGp27FBudd0bfhAvbi9ysBdPQpLUt6OQKZ0KPdsMmQ1VAMGP/LN
UqTXDhzLBUDVjcMTUXpGx5DqW1ivFYokpDWz2ON+OpqyIV17KmaJ61azkGnmcLMM
77D2XWl/uo/8BdV2h2qAmkYqRNu1jH3l0JnbgmQslkljGC4WbqbAtUpHf8z2
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=600, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 03:49:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response must be valid for at least 8 hours (Microsoft)
  • OCSP response must be available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://ocsp3.netlock.hu/cbca.cgi (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp3.netlock.hu/cbca.cgi (GET)
Size: 1684 bytes (DER data)
Response time: 797.70265ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NETLOCK Üzleti OCSP Kiszolgáló 3
Issued by: NetLock Üzleti (Class B) Tanúsítványkiadó
Signing certificate validity: 2017-02-09 - 2018-02-09
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 2h0m0s

Server and network information

Server Software: nginx

URL used for GET request

http://ocsp3.netlock.hu/cbca.cgi/ME8wTTBLMEkwRzAJBgUrDgMCGgUABBQgTHtg7mE8ZQRXRRt15GXo6syxBQQU8SfE3lo9NCm48%2BoPjf520jkIz8ECDkndD%2BYPBAFqnFnIfraI

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
ME8wTTBLMEkwRzAJBgUrDgMCGgUABBQgTHtg7mE8ZQRXRRt15GXo6syxBQQU8SfE
3lo9NCm48+oPjf520jkIz8ECDkndD+YPBAFqnFnIfraI
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGkAoBAKCCBokwggaFBgkrBgEFBQcwAQEEggZ2MIIGcjCCAQWhgZEwgY4xCzAJ
BgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTkVUTE9DSyBL
ZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xnw6FsdGF0w6Fzb2sxLDAq
BgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pvbGfDoWzDsyAzGA8yMDE3
MDYyNTAzMzk1NlowXjBcMEcwCQYFKw4DAhoFAAQUIEx7YO5hPGUEV0UbdeRl6OrM
sQUEFPEnxN5aPTQpuPPqD43+dtI5CM/BAg5J3Q/mDwQBapxZyH62iIAAGA8yMDE3
MDYyNTAzMzk1NlowDQYJKoZIhvcNAQELBQADggEBALIgqv8/08mp5rctSMHEAXur
JO4pEfoJY/IfJuIoHgxcI6RMkGgc6nqvKiIPJzLYPLQBIWK82iwJa5rJcuiGVM6q
eT9REYUVmKdWFu1WsDiAS9DcjZv/gXr5Ov8RSZK4QFOkUXi21WXMK4w68ojg20Tz
mvJ2eNRcYmi23ZkgN0td2MmDV6uROgFTpsHcOAaEVhIqCybJfZk0YCK9VUu/6rTf
NuH6aUApL7mdafG3pMZ7Rs4Jb1z1TvI5/Ra7yQO+8Lr1LKZSFcHzjL3qIuYCM5Yb
McCu07zHsxStzXBLiIEgiRv1CxyOqfHVjJM9AdmQQwXSynEtU3Xmmdk2GzKjolug
ggRRMIIETTCCBEkwggMxoAMCAQICDkndD+YZv+zgBXaBdJ9tMA0GCSqGSIb3DQEB
CwUAMIGpMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoM
DE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChD
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE3MDUGA1UEAwwuTmV0TG9jayDDnHpsZXRp
IChDbGFzcyBCKSBUYW7DunPDrXR2w6FueWtpYWTDszAeFw0xNzAyMDkxNDM4MTla
Fw0xODAyMDkxNDM4MTlaMIGOMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
c3QxFTATBgNVBAoMDE5FVExPQ0sgS2Z0LjEnMCUGA1UECwweVmlzc3phdm9uw6Fz
aSBTem9sZ8OhbHRhdMOhc29rMSwwKgYDVQQDDCNORVRMT0NLIMOcemxldGkgT0NT
UCBLaXN6b2xnw6Fsw7MgMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALMeJ1M4LI3uJlqfCjDqqmf37TWGq/mTyFtsL28ejchmJsFEjha+Cd4p3ScFxio8
F73Enj41Fa0JYLdvuD2RBEdlHacwvhuGAAUUEB/DE/tZY4+NOHBk6Tk8Mz2kthzB
AIHm/znkXayuLLCSwDPuZ3am/kXbd9Ho8gF/x8o5qy3mjwPQY2jOEIBcJWm1Jjvx
6iKkJMllAJzZfudHMLabpn104eAkRYmhJznj5+WpQFJ4ubNYVis/mwzG82dPlE0w
zt+CWOm4p4fyXf7OX0vnbrYRL/0odwvsXYhJwJhoLooDN+5sBJt9Iq1JiK26fnCB
nTlLVHtxjxueDTHvFQyP298CAwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIGQDATBgNVHSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUA
MB8GA1UdIwQYMBaAFPEnxN5aPTQpuPPqD43+dtI5CM/BMB0GA1UdDgQWBBQZBtEk
v7hcmKV+4N4BCWg4bLTTpzANBgkqhkiG9w0BAQsFAAOCAQEABd51IMyTP3ewef57
lHHUGj3X7+W3w3hzYduR/geo5yBGyKsy6y4wAle6jaNpM6nZ48PypeTaWHWHptiy
Mm25dQ/xFmmzwOq8ZEArEVb5cR5uQJsUkCAkJkm2qaVA98PNVnwXvbvj4nnGqtRl
JEOTBPI1VxhWTEr8sKR8OiwhqduxQbnXdG34QL24vcrAXT0KS1LejkCmdCj3bDJk
NVQDBj/yzVKk1w4cywVA1Y3DE1F6RseQ6ltYrxWKJKQ1s9jjfjqasiFdeypmietW
s5Bp5nCzDO+w9l1pf7qP/AXVdodqgJpGKkTbtYx95dCZ24JkLJZJYxguFm6mwLVK
R3/M9g==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIESTCCAzGgAwIBAgIOSd0P5hm/7OAFdoF0n20wDQYJKoZIhvcNAQELBQAwgakx
CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
YXRpb24gU2VydmljZXMpMTcwNQYDVQQDDC5OZXRMb2NrIMOcemxldGkgKENsYXNz
IEIpIFRhbsO6c8OtdHbDoW55a2lhZMOzMB4XDTE3MDIwOTE0MzgxOVoXDTE4MDIw
OTE0MzgxOVowgY4xCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMG
A1UECgwMTkVUTE9DSyBLZnQuMScwJQYDVQQLDB5WaXNzemF2b27DoXNpIFN6b2xn
w6FsdGF0w6Fzb2sxLDAqBgNVBAMMI05FVExPQ0sgw5x6bGV0aSBPQ1NQIEtpc3pv
bGfDoWzDsyAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx4nUzgs
je4mWp8KMOqqZ/ftNYar+ZPIW2wvbx6NyGYmwUSOFr4J3indJwXGKjwXvcSePjUV
rQlgt2+4PZEER2UdpzC+G4YABRQQH8MT+1ljj404cGTpOTwzPaS2HMEAgeb/OeRd
rK4ssJLAM+5ndqb+Rdt30ejyAX/HyjmrLeaPA9BjaM4QgFwlabUmO/HqIqQkyWUA
nNl+50cwtpumfXTh4CRFiaEnOePn5alAUni5s1hWKz+bDMbzZ0+UTTDO34JY6bin
h/Jd/s5fS+duthEv/Sh3C+xdiEnAmGguigM37mwEm30irUmIrbp+cIGdOUtUe3GP
G54NMe8VDI/b3wIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQD
AgZAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0j
BBgwFoAU8SfE3lo9NCm48+oPjf520jkIz8EwHQYDVR0OBBYEFBkG0SS/uFyYpX7g
3gEJaDhstNOnMA0GCSqGSIb3DQEBCwUAA4IBAQAF3nUgzJM/d7B5/nuUcdQaPdfv
5bfDeHNh25H+B6jnIEbIqzLrLjACV7qNo2kzqdnjw/Kl5NpYdYem2LIybbl1D/EW
abPA6rxkQCsRVvlxHm5AmxSQICQmSbappUD3w81WfBe9u+Piecaq1GUkQ5ME8jVX
GFZMSvywpHw6LCGp27FBudd0bfhAvbi9ysBdPQpLUt6OQKZ0KPdsMmQ1VAMGP/LN
UqTXDhzLBUDVjcMTUXpGx5DqW1ivFYokpDWz2ON+OpqyIV17KmaJ61azkGnmcLMM
77D2XWl/uo/8BdV2h2qAmkYqRNu1jH3l0JnbgmQslkljGC4WbqbAtUpHf8z2
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=7200, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 05:39:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response must be valid for at least 8 hours (Microsoft)
  • OCSP response must be available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)

NetLock Üzleti (Class B) Tanúsítványkiadó (CA Certificate)

Certificate details for NetLock Üzleti (Class B) Tanúsítványkiadó (At position 1 in certificate chain)
Serial number:
hex: 49412ce40014
int: 80544274841620
Issued by: NetLock Arany (Class Gold) Főtanúsítvány
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: NetLock Kft.
Organization unit: Tanúsítványkiadók (Certification Services)
Locality: Budapest
Country: HU
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://crl1.netlock.hu/index.cgi?crl=gold

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl1.netlock.hu/index.cgi?crl=gold
Size: 538 bytes (DER data)
Response time: 298.904505ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 0

Relevant server response headers

Date:
Expires:

Server and network information

Server Software: nginx

Raw CRL response headers

Cache-Control: [max-age=900]
Content-Disposition: [inline; filename=gold.crl]
Content-Type: [application/x-pkcs7-crl]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 03:42:57 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field should be byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)
This CRL was cached at
http://crl3.netlock.hu/index.cgi?crl=gold

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl3.netlock.hu/index.cgi?crl=gold
Size: 538 bytes (DER data)
Response time: 323.085957ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 0

Relevant server response headers

Date:
Expires:

Server and network information

Server Software: nginx

Raw CRL response headers

Cache-Control: [max-age=900]
Content-Disposition: [inline; filename=gold.crl]
Content-Type: [application/x-pkcs7-crl]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 03:50:45 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field should be byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)
This CRL was cached at
http://crl2.netlock.hu/index.cgi?crl=gold

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl2.netlock.hu/index.cgi?crl=gold
Size: 538 bytes (DER data)
Response time: 345.739646ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 0

Relevant server response headers

Date:
Expires:

Server and network information

Server Software: nginx

Raw CRL response headers

Cache-Control: [max-age=28800]
Content-Disposition: [inline; filename=gold.crl]
Content-Type: [application/x-pkcs7-crl]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 11:39:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field should be byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp1.netlock.hu/gold.cgi (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp1.netlock.hu/gold.cgi (GET)
Size: 1661 bytes (DER data)
Response time: 293.808057ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NetLock Arany OCSP Kiszolgáló 3
Issued by: NetLock Arany (Class Gold) Főtanúsítvány
Signing certificate validity: 2016-10-18 - 2017-10-18
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 10m0s

Server and network information

Server Software: nginx

URL used for GET request

http://ocsp1.netlock.hu/gold.cgi/MEcwRTBDMEEwPzAJBgUrDgMCGgUABBR%2Ff60eHa7rdefsya0exfWQ9bmEYQQUzPpnk%2FC2uNClwB7zU%2F2MU9%2BD15YCBklBLOQAFA%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEcwRTBDMEEwPzAJBgUrDgMCGgUABBR/f60eHa7rdefsya0exfWQ9bmEYQQUzPpn
k/C2uNClwB7zU/2MU9+D15YCBklBLOQAFA==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGeQoBAKCCBnIwggZuBgkrBgEFBQcwAQEEggZfMIIGWzCB+6GBjzCBjDELMAkG
A1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRMb2NrIEtm
dC4xJzAlBgNVBAsMHlZpc3N6YXZvbsOhc2kgU3pvbGfDoWx0YXTDoXNvazEqMCgG
A1UEAwwhTmV0TG9jayBBcmFueSBPQ1NQIEtpc3pvbGfDoWzDsyAzGA8yMDE3MDYy
NTAzMzMyMVowVjBUMD8wCQYFKw4DAhoFAAQUf3+tHh2u63Xn7MmtHsX1kPW5hGEE
FMz6Z5PwtrjQpcAe81P9jFPfg9eWAgZJQSzkABSAABgPMjAxNzA2MjUwMzMzMjFa
MA0GCSqGSIb3DQEBCwUAA4IBAQBbkLlpev3g2LOCNRaz1otJtescQArzDNFl+GC1
Gg2Ir0e/D6T3ORmBqd5YvMFU64JTF8bjjQuV6fqSFPW8DpQtckSY3CMi/pPtV92h
qomGdi1Eh+Qs6L5tp6UryJiYmQ8Tl9x0AHsFFZUrJlfSYD7J1BJpeT/imSJfWqfS
FgjEqL4urfs0IzdrAfkq9HusM55nQYQpgM3+DRId7wrQ3ZFhjJlTOtWJHplMRSbg
d52Dz/uNmjiaXoBCXFl4eddgsy2Ijrp2FdzrQ0GJMtOfMXJmlkBYx6jHThRUCKbQ
wDhQ8/Jn39SAjBYBITckoyQvvA6ilVQzdSla4z0Mu8jfrXSEoIIERTCCBEEwggQ9
MIIDJaADAgECAgZJQSzkAEwwDQYJKoZIhvcNAQELBQAwgacxCzAJBgNVBAYTAkhV
MREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9jayBLZnQuMTcwNQYD
VQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmljYXRpb24gU2Vydmlj
ZXMpMTUwMwYDVQQDDCxOZXRMb2NrIEFyYW55IChDbGFzcyBHb2xkKSBGxZF0YW7D
unPDrXR2w6FueTAeFw0xNjEwMTgxNTQzMDZaFw0xNzEwMTgxNTQzMDZaMIGMMQsw
CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sg
S2Z0LjEnMCUGA1UECwweVmlzc3phdm9uw6FzaSBTem9sZ8OhbHRhdMOhc29rMSow
KAYDVQQDDCFOZXRMb2NrIEFyYW55IE9DU1AgS2lzem9sZ8OhbMOzIDMwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzZR5NrJzZsvyb9/69h6DR3qefW55z
21ZfrHDo+S8/E20XpKksu4j4nQWY/CM/9j2NbR49npChDMMa2xJCKT5LlhK6bU9h
ekpCfDGYH2IbdzMMcu+E/mqnosCj3nGDuzo1Me2mrlqD2Hk7JQkPgcjTvyRjyeNc
6wECU3U4fdzGqUyhAUHRRmxQdiv2b7CzqYS5S/KvCj6F0hd0QsEARY/dW7TWsaQP
t4+SC5tBJgBu1GAA7OrNnu+OpPSdmSXTouQcQwlwxiPk6WCV3VBmSG+2POuWXObe
yOVApR8mhE7DRwFUl22A7IAulwKXFY8u6xeARSWdJ8ozYApTvHa7oWjXAgMBAAGj
gYcwgYQwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBkAwEwYDVR0lBAwwCgYI
KwYBBQUHAwkwDwYJKwYBBQUHMAEFBAIFADAfBgNVHSMEGDAWgBTM+meT8La40KXA
HvNT/YxT34PXljAdBgNVHQ4EFgQU3ZbxxheJUaMDNeNX5FWlffDF4rcwDQYJKoZI
hvcNAQELBQADggEBAJpzTfITSntnphtF0Fz23+iW+TJiasS7J5ZmhJx4FeIkYxnm
Mbtu2WHGvghNP3dYPnpO3ck8+YUZagLlU4uWYoZBrZzsjh9EyKwLsxk4MRCghF6G
84t6bECoDBvQudfsooLqm1P26yH1M4L4ugSORE803pur4XOagCirLj9LqF1wl7JZ
toTi5UcA86g+o5+h2j9HuxR25VRqonxTVHja376EME42+sHKkyNVDWA0e8pLJA6e
mn9+tt3Ry51e94Wh/1VPxhxEE6dOrnQRQEF9L0voFrC2aznp0yWGAd/UN8iYUgd2
Jd09jWghq70V4EboMzUwCG3ru0NGVuVosj3fdlE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEPTCCAyWgAwIBAgIGSUEs5ABMMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
dGFuw7pzw610dsOhbnkwHhcNMTYxMDE4MTU0MzA2WhcNMTcxMDE4MTU0MzA2WjCB
jDELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
b2NrIEtmdC4xJzAlBgNVBAsMHlZpc3N6YXZvbsOhc2kgU3pvbGfDoWx0YXTDoXNv
azEqMCgGA1UEAwwhTmV0TG9jayBBcmFueSBPQ1NQIEtpc3pvbGfDoWzDsyAzMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2UeTayc2bL8m/f+vYeg0d6n
n1uec9tWX6xw6PkvPxNtF6SpLLuI+J0FmPwjP/Y9jW0ePZ6QoQzDGtsSQik+S5YS
um1PYXpKQnwxmB9iG3czDHLvhP5qp6LAo95xg7s6NTHtpq5ag9h5OyUJD4HI078k
Y8njXOsBAlN1OH3cxqlMoQFB0UZsUHYr9m+ws6mEuUvyrwo+hdIXdELBAEWP3Vu0
1rGkD7ePkgubQSYAbtRgAOzqzZ7vjqT0nZkl06LkHEMJcMYj5Olgld1QZkhvtjzr
llzm3sjlQKUfJoROw0cBVJdtgOyALpcClxWPLusXgEUlnSfKM2AKU7x2u6Fo1wID
AQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgZAMBMGA1UdJQQM
MAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0jBBgwFoAUzPpnk/C2
uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFN2W8cYXiVGjAzXjV+RVpX3wxeK3MA0G
CSqGSIb3DQEBCwUAA4IBAQCac03yE0p7Z6YbRdBc9t/olvkyYmrEuyeWZoSceBXi
JGMZ5jG7btlhxr4ITT93WD56Tt3JPPmFGWoC5VOLlmKGQa2c7I4fRMisC7MZODEQ
oIRehvOLemxAqAwb0LnX7KKC6ptT9ush9TOC+LoEjkRPNN6bq+FzmoAoqy4/S6hd
cJeyWbaE4uVHAPOoPqOfodo/R7sUduVUaqJ8U1R42t++hDBONvrBypMjVQ1gNHvK
SyQOnpp/frbd0cudXveFof9VT8YcRBOnTq50EUBBfS9L6Bawtms56dMlhgHf1DfI
mFIHdiXdPY1oIau9FeBG6DM1MAht67tDRlblaLI933ZR
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=600, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 03:43:21 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Revocation information is updated at least once every twelve months
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://ocsp3.netlock.hu/gold.cgi (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp3.netlock.hu/gold.cgi (GET)
Size: 1570 bytes (DER data)
Response time: 323.483004ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NETLOCK Arany OCSP Responder 7
Issued by: NetLock Arany (Class Gold) Főtanúsítvány
Signing certificate validity: 2017-06-06 - 2018-06-06
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 2h0m0s

Server and network information

Server Software: nginx

URL used for GET request

http://ocsp3.netlock.hu/gold.cgi/MEcwRTBDMEEwPzAJBgUrDgMCGgUABBR%2Ff60eHa7rdefsya0exfWQ9bmEYQQUzPpnk%2FC2uNClwB7zU%2F2MU9%2BD15YCBklBLOQAFA%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEcwRTBDMEEwPzAJBgUrDgMCGgUABBR/f60eHa7rdefsya0exfWQ9bmEYQQUzPpn
k/C2uNClwB7zU/2MU9+D15YCBklBLOQAFA==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGHgoBAKCCBhcwggYTBgkrBgEFBQcwAQEEggYEMIIGADCBzaFiMGAxCzAJBgNV
BAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTkVUTE9DSyBMdGQu
MScwJQYDVQQDDB5ORVRMT0NLIEFyYW55IE9DU1AgUmVzcG9uZGVyIDcYDzIwMTcw
NjI1MDMzMDExWjBWMFQwPzAJBgUrDgMCGgUABBR/f60eHa7rdefsya0exfWQ9bmE
YQQUzPpnk/C2uNClwB7zU/2MU9+D15YCBklBLOQAFIAAGA8yMDE3MDYyNTAzMzAx
MVowDQYJKoZIhvcNAQELBQADggEBABflKuwpbXY5oFBY1+vBTLv0fyqmSXoa5dBC
QlTvD5mH01cVXBhFtVGPzh5MTHZVo9m6eQsO2JEVwnDNzoPsZ7RymLUBhq2phoMP
LbZ8WKIFAV7751GoBO4bZM+hJjV8rd/KxBi42CanWnAalJSOCoa9tKnwM/EACRuR
CTwHs9cm1Z5J7NedJcJWkG8CU4EWDnOIE/NE++qUgW4ij+/Bbknxo9D6VeAFLpn6
3DNJbJZnEgFajcWiW24jO1fADwFjAHL/0uO2aryG8PI3CGYKIPswX4nuJTwH0cK4
mGEhwUhDUIJppYVy5cwiWJOD+OjioQBHb3TEVfdlunyGwd9/9JGgggQYMIIEFDCC
BBAwggL4oAMCAQICBklBLOQATzANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMC
SFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRMb2NrIEtmdC4xNzA1
BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlvbiBTZXJ2
aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRh
bsO6c8OtdHbDoW55MB4XDTE3MDYwNjE1MjUzOVoXDTE4MDYwNjE1MjUzOVowYDEL
MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxORVRMT0NL
IEx0ZC4xJzAlBgNVBAMMHk5FVExPQ0sgQXJhbnkgT0NTUCBSZXNwb25kZXIgNzCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMv24eCc0kKB4tVOcCdui6kh
WuzBtrRLrjHSGSOnKUL/hNXb6UNlxyxOAKdDnUxnTeN31kY6HhMhCcnUfx/O2/Oz
jUleLmgi8c9p7hNjH/hm4OF3TmRhuyXDsh41f2RdsF5SqPyCTFeRCdGzT6vVK+91
sg8V3hnrobLMOmH6UfYbZO28aELQalk/TQ9FD0ZTqw8gLdFcSsPQCk0F8WfjB0fY
avCAF7yIHtCsXEL+gJZPvRYcHr3k2V98l1ROjUAezulRaUkZbsT12IlnDTy49vXL
yHqgQONJmzId+aHO4tKiELmvjR9DKTyCOF37KpKsjoN/hDJe9XkKJ2wXZ5mBh60C
AwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGQDATBgNVHSUE
DDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMB8GA1UdIwQYMBaAFMz6Z5Pw
trjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBT9SWo5HYlH8VzS7FMfEpxo3+a9OzAN
BgkqhkiG9w0BAQsFAAOCAQEAZPfcKRW9ADkFF8LRWLJeWrmIbI//IA6yysiNuVpV
x6OgDTPfIZGkKx+Ksg6Xq2Ax2iO27VKXHc4Usnl8GoKgiAIVpbG4idO/OCM3fJZk
C1HE+BLlgNYgHujANoRq9mb7toeagxyq6obgeS8/WbfjVAqmwy1Nlu7JBRDUgj9a
SCnFaTf0/jIjO/hxRTWbVPFLkpOY248GE9k4IlW8fAJ7/niq5PA6yefb1gMCld0T
SkI66cUklcKWeVI2hRBei6/NwLmUQ7AGmY2NhuC4DI3mk+bKV93Mzrro1i/9Mf78
glajm3QiZZGcjC0VjnvyRRuSVRUW2O7DdcH5vRHwaW3Ysg==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEEDCCAvigAwIBAgIGSUEs5ABPMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
dGFuw7pzw610dsOhbnkwHhcNMTcwNjA2MTUyNTM5WhcNMTgwNjA2MTUyNTM5WjBg
MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5FVExP
Q0sgTHRkLjEnMCUGA1UEAwweTkVUTE9DSyBBcmFueSBPQ1NQIFJlc3BvbmRlciA3
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/bh4JzSQoHi1U5wJ26L
qSFa7MG2tEuuMdIZI6cpQv+E1dvpQ2XHLE4Ap0OdTGdN43fWRjoeEyEJydR/H87b
87ONSV4uaCLxz2nuE2Mf+Gbg4XdOZGG7JcOyHjV/ZF2wXlKo/IJMV5EJ0bNPq9Ur
73WyDxXeGeuhssw6YfpR9htk7bxoQtBqWT9ND0UPRlOrDyAt0VxKw9AKTQXxZ+MH
R9hq8IAXvIge0KxcQv6Alk+9FhweveTZX3yXVE6NQB7O6VFpSRluxPXYiWcNPLj2
9cvIeqBA40mbMh35oc7i0qIQua+NH0MpPII4XfsqkqyOg3+EMl71eQonbBdnmYGH
rQIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgZAMBMGA1Ud
JQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0jBBgwFoAUzPpn
k/C2uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFP1JajkdiUfxXNLsUx8SnGjf5r07
MA0GCSqGSIb3DQEBCwUAA4IBAQBk99wpFb0AOQUXwtFYsl5auYhsj/8gDrLKyI25
WlXHo6ANM98hkaQrH4qyDperYDHaI7btUpcdzhSyeXwagqCIAhWlsbiJ0784Izd8
lmQLUcT4EuWA1iAe6MA2hGr2Zvu2h5qDHKrqhuB5Lz9Zt+NUCqbDLU2W7skFENSC
P1pIKcVpN/T+MiM7+HFFNZtU8UuSk5jbjwYT2TgiVbx8Anv+eKrk8DrJ59vWAwKV
3RNKQjrpxSSVwpZ5UjaFEF6Lr83AuZRDsAaZjY2G4LgMjeaT5spX3czOuujWL/0x
/vyCVqObdCJlkZyMLRWOe/JFG5JVFRbY7sN1wfm9EfBpbdiy
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=7200, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 05:30:11 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Revocation information is updated at least once every twelve months
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://ocsp2.netlock.hu/gold.cgi (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.netlock.hu/gold.cgi (GET)
Size: 1570 bytes (DER data)
Response time: 325.427581ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NETLOCK Arany OCSP Responder 7
Issued by: NetLock Arany (Class Gold) Főtanúsítvány
Signing certificate validity: 2017-06-06 - 2018-06-06
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 2h0m0s

Server and network information

Server Software: nginx

URL used for GET request

http://ocsp2.netlock.hu/gold.cgi/MEcwRTBDMEEwPzAJBgUrDgMCGgUABBR%2Ff60eHa7rdefsya0exfWQ9bmEYQQUzPpnk%2FC2uNClwB7zU%2F2MU9%2BD15YCBklBLOQAFA%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEcwRTBDMEEwPzAJBgUrDgMCGgUABBR/f60eHa7rdefsya0exfWQ9bmEYQQUzPpn
k/C2uNClwB7zU/2MU9+D15YCBklBLOQAFA==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGHgoBAKCCBhcwggYTBgkrBgEFBQcwAQEEggYEMIIGADCBzaFiMGAxCzAJBgNV
BAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTkVUTE9DSyBMdGQu
MScwJQYDVQQDDB5ORVRMT0NLIEFyYW55IE9DU1AgUmVzcG9uZGVyIDcYDzIwMTcw
NjI1MDIzNjI0WjBWMFQwPzAJBgUrDgMCGgUABBR/f60eHa7rdefsya0exfWQ9bmE
YQQUzPpnk/C2uNClwB7zU/2MU9+D15YCBklBLOQAFIAAGA8yMDE3MDYyNTAyMzYy
NFowDQYJKoZIhvcNAQELBQADggEBABz/QfQAP5JXyzUYSGaBxSFZIYXn2H5dW+AH
6IlOCit1w56/uJ19wCwH3bha0MFA+4DGT9qVO4IKXHZIGKvaEjhCuN8L2kfF+Sp7
uNGXhMzOBIPwNij2U8opcI0Iha0dILv0HH0pSR1Ijp8XvlQj2PKwUBTYOL/0Yddk
Se48T6VgZTRyZBIZ6VE8MPc3wJ0c1S5VzMU4eYWh1p08kYvEJbZj+uMQ/7pToWqT
uQX53fHHke/XH4FFctPgSn7u7M1M36rSFXebBOMDG5WfcohH/xC0ZUq+6uznO1Fj
d+FAgn/YFPxw9rUA1oyNmg7xKRsqbh+y0dex9mL32j0P1M2V93OgggQYMIIEFDCC
BBAwggL4oAMCAQICBklBLOQATzANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMC
SFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRMb2NrIEtmdC4xNzA1
BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlvbiBTZXJ2
aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRh
bsO6c8OtdHbDoW55MB4XDTE3MDYwNjE1MjUzOVoXDTE4MDYwNjE1MjUzOVowYDEL
MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxORVRMT0NL
IEx0ZC4xJzAlBgNVBAMMHk5FVExPQ0sgQXJhbnkgT0NTUCBSZXNwb25kZXIgNzCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMv24eCc0kKB4tVOcCdui6kh
WuzBtrRLrjHSGSOnKUL/hNXb6UNlxyxOAKdDnUxnTeN31kY6HhMhCcnUfx/O2/Oz
jUleLmgi8c9p7hNjH/hm4OF3TmRhuyXDsh41f2RdsF5SqPyCTFeRCdGzT6vVK+91
sg8V3hnrobLMOmH6UfYbZO28aELQalk/TQ9FD0ZTqw8gLdFcSsPQCk0F8WfjB0fY
avCAF7yIHtCsXEL+gJZPvRYcHr3k2V98l1ROjUAezulRaUkZbsT12IlnDTy49vXL
yHqgQONJmzId+aHO4tKiELmvjR9DKTyCOF37KpKsjoN/hDJe9XkKJ2wXZ5mBh60C
AwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGQDATBgNVHSUE
DDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMB8GA1UdIwQYMBaAFMz6Z5Pw
trjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBT9SWo5HYlH8VzS7FMfEpxo3+a9OzAN
BgkqhkiG9w0BAQsFAAOCAQEAZPfcKRW9ADkFF8LRWLJeWrmIbI//IA6yysiNuVpV
x6OgDTPfIZGkKx+Ksg6Xq2Ax2iO27VKXHc4Usnl8GoKgiAIVpbG4idO/OCM3fJZk
C1HE+BLlgNYgHujANoRq9mb7toeagxyq6obgeS8/WbfjVAqmwy1Nlu7JBRDUgj9a
SCnFaTf0/jIjO/hxRTWbVPFLkpOY248GE9k4IlW8fAJ7/niq5PA6yefb1gMCld0T
SkI66cUklcKWeVI2hRBei6/NwLmUQ7AGmY2NhuC4DI3mk+bKV93Mzrro1i/9Mf78
glajm3QiZZGcjC0VjnvyRRuSVRUW2O7DdcH5vRHwaW3Ysg==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEEDCCAvigAwIBAgIGSUEs5ABPMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
dGFuw7pzw610dsOhbnkwHhcNMTcwNjA2MTUyNTM5WhcNMTgwNjA2MTUyNTM5WjBg
MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5FVExP
Q0sgTHRkLjEnMCUGA1UEAwweTkVUTE9DSyBBcmFueSBPQ1NQIFJlc3BvbmRlciA3
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/bh4JzSQoHi1U5wJ26L
qSFa7MG2tEuuMdIZI6cpQv+E1dvpQ2XHLE4Ap0OdTGdN43fWRjoeEyEJydR/H87b
87ONSV4uaCLxz2nuE2Mf+Gbg4XdOZGG7JcOyHjV/ZF2wXlKo/IJMV5EJ0bNPq9Ur
73WyDxXeGeuhssw6YfpR9htk7bxoQtBqWT9ND0UPRlOrDyAt0VxKw9AKTQXxZ+MH
R9hq8IAXvIge0KxcQv6Alk+9FhweveTZX3yXVE6NQB7O6VFpSRluxPXYiWcNPLj2
9cvIeqBA40mbMh35oc7i0qIQua+NH0MpPII4XfsqkqyOg3+EMl71eQonbBdnmYGH
rQIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgZAMBMGA1Ud
JQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0jBBgwFoAUzPpn
k/C2uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFP1JajkdiUfxXNLsUx8SnGjf5r07
MA0GCSqGSIb3DQEBCwUAA4IBAQBk99wpFb0AOQUXwtFYsl5auYhsj/8gDrLKyI25
WlXHo6ANM98hkaQrH4qyDperYDHaI7btUpcdzhSyeXwagqCIAhWlsbiJ0784Izd8
lmQLUcT4EuWA1iAe6MA2hGr2Zvu2h5qDHKrqhuB5Lz9Zt+NUCqbDLU2W7skFENSC
P1pIKcVpN/T+MiM7+HFFNZtU8UuSk5jbjwYT2TgiVbx8Anv+eKrk8DrJ59vWAwKV
3RNKQjrpxSSVwpZ5UjaFEF6Lr83AuZRDsAaZjY2G4LgMjeaT5spX3czOuujWL/0x
/vyCVqObdCJlkZyMLRWOe/JFG5JVFRbY7sN1wfm9EfBpbdiy
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=7200, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 04:36:24 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Revocation information is updated at least once every twelve months
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://ocsp3.netlock.hu/gold.cgi (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp3.netlock.hu/gold.cgi (POST)
Size: 1661 bytes (DER data)
Response time: 589.712336ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NetLock Arany OCSP Kiszolgáló 2
Issued by: NetLock Arany (Class Gold) Főtanúsítvány
Signing certificate validity: 2016-10-18 - 2017-10-18
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 2h0m0s

Server and network information

Server Software: nginx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEcwRTBDMEEwPzAJBgUrDgMCGgUABBR/f60eHa7rdefsya0exfWQ9bmEYQQUzPpn
k/C2uNClwB7zU/2MU9+D15YCBklBLOQAFA==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGeQoBAKCCBnIwggZuBgkrBgEFBQcwAQEEggZfMIIGWzCB+6GBjzCBjDELMAkG
A1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRMb2NrIEtm
dC4xJzAlBgNVBAsMHlZpc3N6YXZvbsOhc2kgU3pvbGfDoWx0YXTDoXNvazEqMCgG
A1UEAwwhTmV0TG9jayBBcmFueSBPQ1NQIEtpc3pvbGfDoWzDsyAyGA8yMDE3MDYy
NTAzMzk1NlowVjBUMD8wCQYFKw4DAhoFAAQUf3+tHh2u63Xn7MmtHsX1kPW5hGEE
FMz6Z5PwtrjQpcAe81P9jFPfg9eWAgZJQSzkABSAABgPMjAxNzA2MjUwMzM5NTZa
MA0GCSqGSIb3DQEBCwUAA4IBAQAYdepnv+EY4xXwaUW1PbzYlIaTqNrYHKQ7aVc7
xD5fWJ6XaXYfFZtyRTZNNVRJIA8Qph6UDuHstSv4OnXwr/0qSmHme7/vgb+Z7LCG
ZRHRpNGk8Gh/zwCuwcaN8scZLFIeqnQqhZwhKPQz6YOP6i6O9N2DGdIbP9zAAoVI
XGMF7/zyo8s2gqPFxOEJHw0boKc9dm/DOFhJzbYZBpjrCjr4BNYeXjK2zPZRqTxe
z1ouzmKuVpDthCy4CMFGBHYgag8jW92HI9QpTDsQt1KdNnOFlSAYADFpEAlrGGWl
0UjlbwyrwTgv4t7pCoj0awXlkdxeD4jnS6MBG/yDKj/3AilSoIIERTCCBEEwggQ9
MIIDJaADAgECAgZJQSzkAEswDQYJKoZIhvcNAQELBQAwgacxCzAJBgNVBAYTAkhV
MREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9jayBLZnQuMTcwNQYD
VQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmljYXRpb24gU2Vydmlj
ZXMpMTUwMwYDVQQDDCxOZXRMb2NrIEFyYW55IChDbGFzcyBHb2xkKSBGxZF0YW7D
unPDrXR2w6FueTAeFw0xNjEwMTgxNTQyMjlaFw0xNzEwMTgxNTQyMjlaMIGMMQsw
CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sg
S2Z0LjEnMCUGA1UECwweVmlzc3phdm9uw6FzaSBTem9sZ8OhbHRhdMOhc29rMSow
KAYDVQQDDCFOZXRMb2NrIEFyYW55IE9DU1AgS2lzem9sZ8OhbMOzIDIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzg3RhOuFX/5qr7mEH/X86lpmfCifc
0end2SXyIcxu7uaX1qnVGk20QHrmURfPFuzlkVoxIzjIEUd8a18txyU1pXbMJAx1
iTdE4odbPyZjhEIIGHeypFmEEYR04dvmz8YHZ4SsQuFSpO3XOQpsrqtNUa7zesK2
ymlG/AuwQAR8DqP1mLiVf2/zdCKbQj9YNHgLNx3U2TMCOeZ1nDg1R3/g9ho2N1Mt
JHjZYNBhVxtlV18ipfvPR6gcXeprxdgNA5Fc02AIjzrpAg2zQiDY5YwqyjU7Z/Kf
qKwg5/3lvzfmdeIR47NHtEZeQK3nh9Q+0Fydd4sN2dWpcoUd6FdrHGmDAgMBAAGj
gYcwgYQwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBkAwEwYDVR0lBAwwCgYI
KwYBBQUHAwkwDwYJKwYBBQUHMAEFBAIFADAfBgNVHSMEGDAWgBTM+meT8La40KXA
HvNT/YxT34PXljAdBgNVHQ4EFgQUaAq5KHagFQ4r3nVdcR7OZwjhUjIwDQYJKoZI
hvcNAQELBQADggEBACjKgMUxdEshWJd+T72ZnQP1i/tXBUPe5ofQh0xu6lmY9Pxx
/zt1Yfpfqz/ftxlHwbaBdv3p6gJxPes+/iMjHo9O/0UPEJBwxdTCgc3AsFtY2FiA
8eGSLR+CJxF3D05slR4m04TY3CjK7J108tBc0usqIOhqbAySQIzTTUgOTf30kqVF
oLemr4W5MKMIl1heCMqzWz3x3tThUz1qLzp2Hevo+ArwvHh1uTLm80DBga5UxVp+
Xj65M3U8tkMd7RMSR9Pn4i0HX5pKmZOGkvkVuaTBczooLL5vWx53IA6Fno7B19f4
MFXUn+i+szxeQk74DsJ1LfTLX5XpobK/5mTYgh0=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEPTCCAyWgAwIBAgIGSUEs5ABLMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
dGFuw7pzw610dsOhbnkwHhcNMTYxMDE4MTU0MjI5WhcNMTcxMDE4MTU0MjI5WjCB
jDELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
b2NrIEtmdC4xJzAlBgNVBAsMHlZpc3N6YXZvbsOhc2kgU3pvbGfDoWx0YXTDoXNv
azEqMCgGA1UEAwwhTmV0TG9jayBBcmFueSBPQ1NQIEtpc3pvbGfDoWzDsyAyMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4N0YTrhV/+aq+5hB/1/OpaZ
nwon3NHp3dkl8iHMbu7ml9ap1RpNtEB65lEXzxbs5ZFaMSM4yBFHfGtfLcclNaV2
zCQMdYk3ROKHWz8mY4RCCBh3sqRZhBGEdOHb5s/GB2eErELhUqTt1zkKbK6rTVGu
83rCtsppRvwLsEAEfA6j9Zi4lX9v83Qim0I/WDR4Czcd1NkzAjnmdZw4NUd/4PYa
NjdTLSR42WDQYVcbZVdfIqX7z0eoHF3qa8XYDQORXNNgCI866QINs0Ig2OWMKso1
O2fyn6isIOf95b835nXiEeOzR7RGXkCt54fUPtBcnXeLDdnVqXKFHehXaxxpgwID
AQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgZAMBMGA1UdJQQM
MAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0jBBgwFoAUzPpnk/C2
uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFGgKuSh2oBUOK951XXEezmcI4VIyMA0G
CSqGSIb3DQEBCwUAA4IBAQAoyoDFMXRLIViXfk+9mZ0D9Yv7VwVD3uaH0IdMbupZ
mPT8cf87dWH6X6s/37cZR8G2gXb96eoCcT3rPv4jIx6PTv9FDxCQcMXUwoHNwLBb
WNhYgPHhki0fgicRdw9ObJUeJtOE2NwoyuyddPLQXNLrKiDoamwMkkCM001IDk39
9JKlRaC3pq+FuTCjCJdYXgjKs1s98d7U4VM9ai86dh3r6PgK8Lx4dbky5vNAwYGu
VMVafl4+uTN1PLZDHe0TEkfT5+ItB1+aSpmThpL5FbmkwXM6KCy+b1sedyAOhZ6O
wdfX+DBV1J/ovrM8XkJO+A7CdS30y1+V6aGyv+Zk2IId
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=7200, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 05:39:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Revocation information is updated at least once every twelve months
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://ocsp1.netlock.hu/gold.cgi (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp1.netlock.hu/gold.cgi (POST)
Size: 1570 bytes (DER data)
Response time: 621.894707ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NETLOCK Arany OCSP Responder 7
Issued by: NetLock Arany (Class Gold) Főtanúsítvány
Signing certificate validity: 2017-06-06 - 2018-06-06
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 2h0m0s

Server and network information

Server Software: nginx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEcwRTBDMEEwPzAJBgUrDgMCGgUABBR/f60eHa7rdefsya0exfWQ9bmEYQQUzPpn
k/C2uNClwB7zU/2MU9+D15YCBklBLOQAFA==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGHgoBAKCCBhcwggYTBgkrBgEFBQcwAQEEggYEMIIGADCBzaFiMGAxCzAJBgNV
BAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTkVUTE9DSyBMdGQu
MScwJQYDVQQDDB5ORVRMT0NLIEFyYW55IE9DU1AgUmVzcG9uZGVyIDcYDzIwMTcw
NjI1MDMzOTU2WjBWMFQwPzAJBgUrDgMCGgUABBR/f60eHa7rdefsya0exfWQ9bmE
YQQUzPpnk/C2uNClwB7zU/2MU9+D15YCBklBLOQAFIAAGA8yMDE3MDYyNTAzMzk1
NlowDQYJKoZIhvcNAQELBQADggEBAIC5HnuP7ASO1OHT9YQZJLRUnIBxyPPy8mgk
eMAei8wNOnyRCgmsnF2ukC4CVPlAijtJYsfwjERLNsll9TRcXj/QH3WI4wfocNvA
fRV/UzkLWkt7bGjZKq2sSXx6rI/K7yeZIF6CAf3KFVms3xA+WcyYWdQplmdjxXsN
B2AZf9jRTG2+7DtIUw+rCoYOzlKeT01ohy5pxkvIBHM2g7BfCFeen7QAinKXLDr+
0cAmBrqk3RS8MORLDHYOXJm3vcKWR2UCVGd+/4DWBlEe7vgwnYD7YCSkm+7Bg7Fz
gjHJgG6VMoPDtjPneDbU8dovC6UAp5v06s6C8bpUymYkcaBld+igggQYMIIEFDCC
BBAwggL4oAMCAQICBklBLOQATzANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMC
SFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRMb2NrIEtmdC4xNzA1
BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlvbiBTZXJ2
aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRh
bsO6c8OtdHbDoW55MB4XDTE3MDYwNjE1MjUzOVoXDTE4MDYwNjE1MjUzOVowYDEL
MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxORVRMT0NL
IEx0ZC4xJzAlBgNVBAMMHk5FVExPQ0sgQXJhbnkgT0NTUCBSZXNwb25kZXIgNzCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMv24eCc0kKB4tVOcCdui6kh
WuzBtrRLrjHSGSOnKUL/hNXb6UNlxyxOAKdDnUxnTeN31kY6HhMhCcnUfx/O2/Oz
jUleLmgi8c9p7hNjH/hm4OF3TmRhuyXDsh41f2RdsF5SqPyCTFeRCdGzT6vVK+91
sg8V3hnrobLMOmH6UfYbZO28aELQalk/TQ9FD0ZTqw8gLdFcSsPQCk0F8WfjB0fY
avCAF7yIHtCsXEL+gJZPvRYcHr3k2V98l1ROjUAezulRaUkZbsT12IlnDTy49vXL
yHqgQONJmzId+aHO4tKiELmvjR9DKTyCOF37KpKsjoN/hDJe9XkKJ2wXZ5mBh60C
AwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGQDATBgNVHSUE
DDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMB8GA1UdIwQYMBaAFMz6Z5Pw
trjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBT9SWo5HYlH8VzS7FMfEpxo3+a9OzAN
BgkqhkiG9w0BAQsFAAOCAQEAZPfcKRW9ADkFF8LRWLJeWrmIbI//IA6yysiNuVpV
x6OgDTPfIZGkKx+Ksg6Xq2Ax2iO27VKXHc4Usnl8GoKgiAIVpbG4idO/OCM3fJZk
C1HE+BLlgNYgHujANoRq9mb7toeagxyq6obgeS8/WbfjVAqmwy1Nlu7JBRDUgj9a
SCnFaTf0/jIjO/hxRTWbVPFLkpOY248GE9k4IlW8fAJ7/niq5PA6yefb1gMCld0T
SkI66cUklcKWeVI2hRBei6/NwLmUQ7AGmY2NhuC4DI3mk+bKV93Mzrro1i/9Mf78
glajm3QiZZGcjC0VjnvyRRuSVRUW2O7DdcH5vRHwaW3Ysg==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEEDCCAvigAwIBAgIGSUEs5ABPMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
dGFuw7pzw610dsOhbnkwHhcNMTcwNjA2MTUyNTM5WhcNMTgwNjA2MTUyNTM5WjBg
MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5FVExP
Q0sgTHRkLjEnMCUGA1UEAwweTkVUTE9DSyBBcmFueSBPQ1NQIFJlc3BvbmRlciA3
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/bh4JzSQoHi1U5wJ26L
qSFa7MG2tEuuMdIZI6cpQv+E1dvpQ2XHLE4Ap0OdTGdN43fWRjoeEyEJydR/H87b
87ONSV4uaCLxz2nuE2Mf+Gbg4XdOZGG7JcOyHjV/ZF2wXlKo/IJMV5EJ0bNPq9Ur
73WyDxXeGeuhssw6YfpR9htk7bxoQtBqWT9ND0UPRlOrDyAt0VxKw9AKTQXxZ+MH
R9hq8IAXvIge0KxcQv6Alk+9FhweveTZX3yXVE6NQB7O6VFpSRluxPXYiWcNPLj2
9cvIeqBA40mbMh35oc7i0qIQua+NH0MpPII4XfsqkqyOg3+EMl71eQonbBdnmYGH
rQIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgZAMBMGA1Ud
JQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0jBBgwFoAUzPpn
k/C2uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFP1JajkdiUfxXNLsUx8SnGjf5r07
MA0GCSqGSIb3DQEBCwUAA4IBAQBk99wpFb0AOQUXwtFYsl5auYhsj/8gDrLKyI25
WlXHo6ANM98hkaQrH4qyDperYDHaI7btUpcdzhSyeXwagqCIAhWlsbiJ0784Izd8
lmQLUcT4EuWA1iAe6MA2hGr2Zvu2h5qDHKrqhuB5Lz9Zt+NUCqbDLU2W7skFENSC
P1pIKcVpN/T+MiM7+HFFNZtU8UuSk5jbjwYT2TgiVbx8Anv+eKrk8DrJ59vWAwKV
3RNKQjrpxSSVwpZ5UjaFEF6Lr83AuZRDsAaZjY2G4LgMjeaT5spX3czOuujWL/0x
/vyCVqObdCJlkZyMLRWOe/JFG5JVFRbY7sN1wfm9EfBpbdiy
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=7200, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 05:39:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Revocation information is updated at least once every twelve months
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)
This OCSP response was cached at
http://ocsp2.netlock.hu/gold.cgi (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.netlock.hu/gold.cgi (POST)
Size: 1570 bytes (DER data)
Response time: 660.451011ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: NETLOCK Arany OCSP Responder 7
Issued by: NetLock Arany (Class Gold) Főtanúsítvány
Signing certificate validity: 2017-06-06 - 2018-06-06
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Produced at:
Status: Good

Relevant server response headers

Date:
Expires:
Cache Control Max-age: 2h0m0s

Server and network information

Server Software: nginx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEcwRTBDMEEwPzAJBgUrDgMCGgUABBR/f60eHa7rdefsya0exfWQ9bmEYQQUzPpn
k/C2uNClwB7zU/2MU9+D15YCBklBLOQAFA==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGHgoBAKCCBhcwggYTBgkrBgEFBQcwAQEEggYEMIIGADCBzaFiMGAxCzAJBgNV
BAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTkVUTE9DSyBMdGQu
MScwJQYDVQQDDB5ORVRMT0NLIEFyYW55IE9DU1AgUmVzcG9uZGVyIDcYDzIwMTcw
NjI1MDMzOTU2WjBWMFQwPzAJBgUrDgMCGgUABBR/f60eHa7rdefsya0exfWQ9bmE
YQQUzPpnk/C2uNClwB7zU/2MU9+D15YCBklBLOQAFIAAGA8yMDE3MDYyNTAzMzk1
NlowDQYJKoZIhvcNAQELBQADggEBAIC5HnuP7ASO1OHT9YQZJLRUnIBxyPPy8mgk
eMAei8wNOnyRCgmsnF2ukC4CVPlAijtJYsfwjERLNsll9TRcXj/QH3WI4wfocNvA
fRV/UzkLWkt7bGjZKq2sSXx6rI/K7yeZIF6CAf3KFVms3xA+WcyYWdQplmdjxXsN
B2AZf9jRTG2+7DtIUw+rCoYOzlKeT01ohy5pxkvIBHM2g7BfCFeen7QAinKXLDr+
0cAmBrqk3RS8MORLDHYOXJm3vcKWR2UCVGd+/4DWBlEe7vgwnYD7YCSkm+7Bg7Fz
gjHJgG6VMoPDtjPneDbU8dovC6UAp5v06s6C8bpUymYkcaBld+igggQYMIIEFDCC
BBAwggL4oAMCAQICBklBLOQATzANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMC
SFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRMb2NrIEtmdC4xNzA1
BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlvbiBTZXJ2
aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRh
bsO6c8OtdHbDoW55MB4XDTE3MDYwNjE1MjUzOVoXDTE4MDYwNjE1MjUzOVowYDEL
MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxORVRMT0NL
IEx0ZC4xJzAlBgNVBAMMHk5FVExPQ0sgQXJhbnkgT0NTUCBSZXNwb25kZXIgNzCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMv24eCc0kKB4tVOcCdui6kh
WuzBtrRLrjHSGSOnKUL/hNXb6UNlxyxOAKdDnUxnTeN31kY6HhMhCcnUfx/O2/Oz
jUleLmgi8c9p7hNjH/hm4OF3TmRhuyXDsh41f2RdsF5SqPyCTFeRCdGzT6vVK+91
sg8V3hnrobLMOmH6UfYbZO28aELQalk/TQ9FD0ZTqw8gLdFcSsPQCk0F8WfjB0fY
avCAF7yIHtCsXEL+gJZPvRYcHr3k2V98l1ROjUAezulRaUkZbsT12IlnDTy49vXL
yHqgQONJmzId+aHO4tKiELmvjR9DKTyCOF37KpKsjoN/hDJe9XkKJ2wXZ5mBh60C
AwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGQDATBgNVHSUE
DDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMB8GA1UdIwQYMBaAFMz6Z5Pw
trjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBT9SWo5HYlH8VzS7FMfEpxo3+a9OzAN
BgkqhkiG9w0BAQsFAAOCAQEAZPfcKRW9ADkFF8LRWLJeWrmIbI//IA6yysiNuVpV
x6OgDTPfIZGkKx+Ksg6Xq2Ax2iO27VKXHc4Usnl8GoKgiAIVpbG4idO/OCM3fJZk
C1HE+BLlgNYgHujANoRq9mb7toeagxyq6obgeS8/WbfjVAqmwy1Nlu7JBRDUgj9a
SCnFaTf0/jIjO/hxRTWbVPFLkpOY248GE9k4IlW8fAJ7/niq5PA6yefb1gMCld0T
SkI66cUklcKWeVI2hRBei6/NwLmUQ7AGmY2NhuC4DI3mk+bKV93Mzrro1i/9Mf78
glajm3QiZZGcjC0VjnvyRRuSVRUW2O7DdcH5vRHwaW3Ysg==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEEDCCAvigAwIBAgIGSUEs5ABPMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
dGFuw7pzw610dsOhbnkwHhcNMTcwNjA2MTUyNTM5WhcNMTgwNjA2MTUyNTM5WjBg
MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5FVExP
Q0sgTHRkLjEnMCUGA1UEAwweTkVUTE9DSyBBcmFueSBPQ1NQIFJlc3BvbmRlciA3
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/bh4JzSQoHi1U5wJ26L
qSFa7MG2tEuuMdIZI6cpQv+E1dvpQ2XHLE4Ap0OdTGdN43fWRjoeEyEJydR/H87b
87ONSV4uaCLxz2nuE2Mf+Gbg4XdOZGG7JcOyHjV/ZF2wXlKo/IJMV5EJ0bNPq9Ur
73WyDxXeGeuhssw6YfpR9htk7bxoQtBqWT9ND0UPRlOrDyAt0VxKw9AKTQXxZ+MH
R9hq8IAXvIge0KxcQv6Alk+9FhweveTZX3yXVE6NQB7O6VFpSRluxPXYiWcNPLj2
9cvIeqBA40mbMh35oc7i0qIQua+NH0MpPII4XfsqkqyOg3+EMl71eQonbBdnmYGH
rQIDAQABo4GHMIGEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgZAMBMGA1Ud
JQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwHwYDVR0jBBgwFoAUzPpn
k/C2uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFP1JajkdiUfxXNLsUx8SnGjf5r07
MA0GCSqGSIb3DQEBCwUAA4IBAQBk99wpFb0AOQUXwtFYsl5auYhsj/8gDrLKyI25
WlXHo6ANM98hkaQrH4qyDperYDHaI7btUpcdzhSyeXwagqCIAhWlsbiJ0784Izd8
lmQLUcT4EuWA1iAe6MA2hGr2Zvu2h5qDHKrqhuB5Lz9Zt+NUCqbDLU2W7skFENSC
P1pIKcVpN/T+MiM7+HFFNZtU8UuSk5jbjwYT2TgiVbx8Anv+eKrk8DrJ59vWAwKV
3RNKQjrpxSSVwpZ5UjaFEF6Lr83AuZRDsAaZjY2G4LgMjeaT5spX3czOuujWL/0x
/vyCVqObdCJlkZyMLRWOe/JFG5JVFRbY7sN1wfm9EfBpbdiy
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=7200, public, no-transform, must-revalidate]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:39:56 GMT]
Expires: [Sun, 25 Jun 2017 05:39:56 GMT]
Server: [nginx]
X-Frame-Options: [SAMEORIGIN]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Revocation information is updated at least once every twelve months
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • NextUpdate not set (RFC 5019, section 2.2.4)

NetLock Arany (Class Gold) Főtanúsítvány (CA Certificate)

Certificate details for NetLock Arany (Class Gold) Főtanúsítvány (At position 2 in certificate chain)
Serial number:
hex: 49412ce40010
int: 80544274841616
Issued by: NetLock Arany (Class Gold) Főtanúsítvány
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: NetLock Kft.
Organization unit: Tanúsítványkiadók (Certification Services)
Locality: Budapest
Country: HU
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.