CRL & OCSP report for www.konferenz-gruene-logistik.de

www.konferenz-gruene-logistik.de

Certificate details for www.konferenz-gruene-logistik.de (At position 0 in certificate chain)
Serial number:
hex: 1121cc0ae2938938cadd418707dbe23a5247
int: 1492409397977937448892311593396876359651911
Issued by: AlphaSSL CA - SHA256 - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization unit: Domain Control Validated
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for www.konferenz-gruene-logistik.de.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl2.alphassl.com/gs/gsalphasha2g2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl2.alphassl.com/gs/gsalphasha2g2.crl
Size: 94232 bytes (DER data)
Response time: 41.426859ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 2870

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [374296db42281864-EWR]
Content-Length: [94232]
Content-Type: [application/pkix-crl]
Date: [Sat, 24 Jun 2017 20:55:40 GMT]
Etag: [E48D]
Expires: [Sat, 01 Jul 2017 07:50:42 GMT]
Last-Modified: [Sat, 24 Jun 2017 07:50:42 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d977f53f207b0eab9ba229eff34d3b6411498337740; expires=Sun, 24-Jun-18 20:55:40 GMT; path=/; domain=.alphassl.com; HttpOnly]
Vary: [Accept-Encoding]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp2.globalsign.com/gsalphasha2g2 (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsalphasha2g2 (POST)
Size: 1561 bytes (DER data)
Response time: 561.940156ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: AlphaSSL CA - SHA256 - G2 - OCSP Responder
Issued by: AlphaSSL CA - SHA256 - G2
Signing certificate validity: 2017-05-04 - 2017-08-04
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: MISS

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBSE1Wv4CYvTB7dm2OHrrWWWqmtnYQQU9c3V
PAhQ+WpPOreX2laD5mnSaPcCEhEhzArik4k4yt1Bhwfb4jpSRw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGFQoBAKCCBg4wggYKBgkrBgEFBQcwAQEEggX7MIIF9zCBxqIWBBTuXv/+hdsm
xib702mEEK0dDdPvWBgPMjAxNzA2MjQyMDU1NDBaMIGaMIGXMEswCQYFKw4DAhoF
AAQUhNVr+AmL0we3Ztjh661llqprZ2EEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3AhIR
IcwK4pOJOMrdQYcH2+I6UkeAABgPMjAxNzA2MjQyMDU1NDBaoBEYDzIwMTcwNjI4
MjA1NTQwWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNjI0MjA1NTQwWjANBgkq
hkiG9w0BAQsFAAOCAQEAncfwAb49cpAML/FIY4Jvn3mwl2hP+LKvO9uXSsndWS/I
M7O09Hvkf7NApuR1qEXLhJLukAhPdxuYtKztZCjWEpnuRmRrdNFD5DWydErYfSUk
dS0UsFXrleLuzxBh8AmyFy81x2rQnW+bJ/iQgmUFduAw9X5E/8e7PO0BUZ0Ke2xB
0JNVVKZgSbTClhh5Q3FdGosEpLvFCM8XmeWuMAzB0rjLeOYQ2w7e+df39a1IDa0s
sJ+OoNjcNBTejYDw+rX+o3hxuUHLwxtQoZaPRqsNprxd4p1vT0GqhAEVr003soFX
hPPfa5ikSOFsJ1vHUchN4L747b0tAqnQPQcs4w/5/aCCBBYwggQSMIIEDjCCAvag
AwIBAgIMXtSB9stzQKEQKXPgMA0GCSqGSIb3DQEBCwUAMEwxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlBbHBoYVNTTCBD
QSAtIFNIQTI1NiAtIEcyMB4XDTE3MDUwNDA4MTMzOVoXDTE3MDgwNDA4MTMzOVow
dDELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNV
BAUTDDIwMTcwNTA0MDAyMDEzMDEGA1UEAxMqQWxwaGFTU0wgQ0EgLSBTSEEyNTYg
LSBHMiAtIE9DU1AgUmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwG4UX1bZE3hMp15gSSBzEIRgOnv5/goZKSwSEwQVA8YCBB3uHBsJdHNa
aQKPVJJ/UQgb/rFd/b6eMUZ8DGBA0cwSU45+Hu2WP5fjBfAwZwg9qXvGiqh1Bmus
wKrQ8Ow9Ar6hFTKpP0xdhsBzYFP4fVdmIAeJnZ+HiPNFf4z0x/KA6Xd45iRYK5VG
GprEG8GMbEtja9Q2Qq2c2kx3bSxCW5mCwcUizu48r2sNN8u9ryROc7XauXZfDHb6
mcInhTiTqipbXHYZ0aXR/qzQcvYGaVUYdMWVjGCI6VpdeqMUDfXqPO9qO1Mj3mXt
7/dFuOq325S6zYJDwLCO79BF+R2otwIDAQABo4HHMIHEMB0GA1UdDgQWBBTuXv/+
hdsmxib702mEEK0dDdPvWDAfBgNVHSMEGDAWgBT1zdU8CFD5ak86t5faVoPmadJo
9zAPBgkrBgEFBQcwAQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgFfMDQwMgYI
KwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkv
MA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0B
AQsFAAOCAQEArhU70uE0eddxr/3MudBb4hJcs/DfUX1916IKqSdy34TIQDJnHA4d
L0kkKKXgFMhCyO5qUjehCXoZqd+vM3woJhKQZjgfqNvBagLy/mc7Inm7ocUIoDte
1Gfv0cgIi3/lOE+u9OI3ROU6Wt75G/UbdD6JVzJLL7N6kAVYt6HrMO1HOd8PHuVV
XsEn1BqprUOFFYbLuUk/96+QdtTH5kcPWj8no2YGD/mwItrQ4g0MCvvkQy6MGjdn
yXuMuc+ohtrnqag/wFhKGUj9KgRs9UOfeHvk/9E9M8siI96Aph0JOuo/r/2QyP+w
wHQRuo8eou38UCebWy0VRlfaqUuD2Euyuw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEDjCCAvagAwIBAgIMXtSB9stzQKEQKXPgMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE3MDUwNDA4MTMzOVoXDTE3MDgw
NDA4MTMzOVowdDELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYt
c2ExFTATBgNVBAUTDDIwMTcwNTA0MDAyMDEzMDEGA1UEAxMqQWxwaGFTU0wgQ0Eg
LSBTSEEyNTYgLSBHMiAtIE9DU1AgUmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwG4UX1bZE3hMp15gSSBzEIRgOnv5/goZKSwSEwQVA8YC
BB3uHBsJdHNaaQKPVJJ/UQgb/rFd/b6eMUZ8DGBA0cwSU45+Hu2WP5fjBfAwZwg9
qXvGiqh1BmuswKrQ8Ow9Ar6hFTKpP0xdhsBzYFP4fVdmIAeJnZ+HiPNFf4z0x/KA
6Xd45iRYK5VGGprEG8GMbEtja9Q2Qq2c2kx3bSxCW5mCwcUizu48r2sNN8u9ryRO
c7XauXZfDHb6mcInhTiTqipbXHYZ0aXR/qzQcvYGaVUYdMWVjGCI6VpdeqMUDfXq
PO9qO1Mj3mXt7/dFuOq325S6zYJDwLCO79BF+R2otwIDAQABo4HHMIHEMB0GA1Ud
DgQWBBTuXv/+hdsmxib702mEEK0dDdPvWDAfBgNVHSMEGDAWgBT1zdU8CFD5ak86
t5faVoPmadJo9zAPBgkrBgEFBQcwAQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGg
MgFfMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl
cG9zaXRvcnkvMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAN
BgkqhkiG9w0BAQsFAAOCAQEArhU70uE0eddxr/3MudBb4hJcs/DfUX1916IKqSdy
34TIQDJnHA4dL0kkKKXgFMhCyO5qUjehCXoZqd+vM3woJhKQZjgfqNvBagLy/mc7
Inm7ocUIoDte1Gfv0cgIi3/lOE+u9OI3ROU6Wt75G/UbdD6JVzJLL7N6kAVYt6Hr
MO1HOd8PHuVVXsEn1BqprUOFFYbLuUk/96+QdtTH5kcPWj8no2YGD/mwItrQ4g0M
CvvkQy6MGjdnyXuMuc+ohtrnqag/wFhKGUj9KgRs9UOfeHvk/9E9M8siI96Aph0J
Ouo/r/2QyP+wwHQRuo8eou38UCebWy0VRlfaqUuD2Euyuw==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [MISS]
Cf-Ray: [374296db479e4740-EWR]
Content-Length: [1561]
Content-Type: [application/ocsp-response]
Date: [Sat, 24 Jun 2017 20:55:40 GMT]
Etag: ["b56c9b8d0f385d729eefd128ab4881068017dd01"]
Expires: [Wed, 28 Jun 2017 20:55:40 GMT]
Last-Modified: [Sat, 24 Jun 2017 20:55:40 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d642bef69d1f538d2ffe148984e3c85331498337740; expires=Sun, 24-Jun-18 20:55:40 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp2.globalsign.com/gsalphasha2g2 (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsalphasha2g2 (GET)
Size: 1561 bytes (DER data)
Response time: 1.015237503s
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: AlphaSSL CA - SHA256 - G2 - OCSP Responder
Issued by: AlphaSSL CA - SHA256 - G2
Signing certificate validity: 2017-05-04 - 2017-08-04
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

URL used for GET request

http://ocsp2.globalsign.com/gsalphasha2g2/MFMwUTBPME0wSzAJBgUrDgMCGgUABBSE1Wv4CYvTB7dm2OHrrWWWqmtnYQQU9c3VPAhQ%2BWpPOreX2laD5mnSaPcCEhEhzArik4k4yt1Bhwfb4jpSRw%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBSE1Wv4CYvTB7dm2OHrrWWWqmtnYQQU9c3V
PAhQ+WpPOreX2laD5mnSaPcCEhEhzArik4k4yt1Bhwfb4jpSRw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGFQoBAKCCBg4wggYKBgkrBgEFBQcwAQEEggX7MIIF9zCBxqIWBBTuXv/+hdsm
xib702mEEK0dDdPvWBgPMjAxNzA2MjQyMDU1NDBaMIGaMIGXMEswCQYFKw4DAhoF
AAQUhNVr+AmL0we3Ztjh661llqprZ2EEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3AhIR
IcwK4pOJOMrdQYcH2+I6UkeAABgPMjAxNzA2MjQyMDU1NDBaoBEYDzIwMTcwNjI4
MjA1NTQwWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNjI0MjA1NTQwWjANBgkq
hkiG9w0BAQsFAAOCAQEAncfwAb49cpAML/FIY4Jvn3mwl2hP+LKvO9uXSsndWS/I
M7O09Hvkf7NApuR1qEXLhJLukAhPdxuYtKztZCjWEpnuRmRrdNFD5DWydErYfSUk
dS0UsFXrleLuzxBh8AmyFy81x2rQnW+bJ/iQgmUFduAw9X5E/8e7PO0BUZ0Ke2xB
0JNVVKZgSbTClhh5Q3FdGosEpLvFCM8XmeWuMAzB0rjLeOYQ2w7e+df39a1IDa0s
sJ+OoNjcNBTejYDw+rX+o3hxuUHLwxtQoZaPRqsNprxd4p1vT0GqhAEVr003soFX
hPPfa5ikSOFsJ1vHUchN4L747b0tAqnQPQcs4w/5/aCCBBYwggQSMIIEDjCCAvag
AwIBAgIMXtSB9stzQKEQKXPgMA0GCSqGSIb3DQEBCwUAMEwxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlBbHBoYVNTTCBD
QSAtIFNIQTI1NiAtIEcyMB4XDTE3MDUwNDA4MTMzOVoXDTE3MDgwNDA4MTMzOVow
dDELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNV
BAUTDDIwMTcwNTA0MDAyMDEzMDEGA1UEAxMqQWxwaGFTU0wgQ0EgLSBTSEEyNTYg
LSBHMiAtIE9DU1AgUmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwG4UX1bZE3hMp15gSSBzEIRgOnv5/goZKSwSEwQVA8YCBB3uHBsJdHNa
aQKPVJJ/UQgb/rFd/b6eMUZ8DGBA0cwSU45+Hu2WP5fjBfAwZwg9qXvGiqh1Bmus
wKrQ8Ow9Ar6hFTKpP0xdhsBzYFP4fVdmIAeJnZ+HiPNFf4z0x/KA6Xd45iRYK5VG
GprEG8GMbEtja9Q2Qq2c2kx3bSxCW5mCwcUizu48r2sNN8u9ryROc7XauXZfDHb6
mcInhTiTqipbXHYZ0aXR/qzQcvYGaVUYdMWVjGCI6VpdeqMUDfXqPO9qO1Mj3mXt
7/dFuOq325S6zYJDwLCO79BF+R2otwIDAQABo4HHMIHEMB0GA1UdDgQWBBTuXv/+
hdsmxib702mEEK0dDdPvWDAfBgNVHSMEGDAWgBT1zdU8CFD5ak86t5faVoPmadJo
9zAPBgkrBgEFBQcwAQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgFfMDQwMgYI
KwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkv
MA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0B
AQsFAAOCAQEArhU70uE0eddxr/3MudBb4hJcs/DfUX1916IKqSdy34TIQDJnHA4d
L0kkKKXgFMhCyO5qUjehCXoZqd+vM3woJhKQZjgfqNvBagLy/mc7Inm7ocUIoDte
1Gfv0cgIi3/lOE+u9OI3ROU6Wt75G/UbdD6JVzJLL7N6kAVYt6HrMO1HOd8PHuVV
XsEn1BqprUOFFYbLuUk/96+QdtTH5kcPWj8no2YGD/mwItrQ4g0MCvvkQy6MGjdn
yXuMuc+ohtrnqag/wFhKGUj9KgRs9UOfeHvk/9E9M8siI96Aph0JOuo/r/2QyP+w
wHQRuo8eou38UCebWy0VRlfaqUuD2Euyuw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEDjCCAvagAwIBAgIMXtSB9stzQKEQKXPgMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE3MDUwNDA4MTMzOVoXDTE3MDgw
NDA4MTMzOVowdDELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYt
c2ExFTATBgNVBAUTDDIwMTcwNTA0MDAyMDEzMDEGA1UEAxMqQWxwaGFTU0wgQ0Eg
LSBTSEEyNTYgLSBHMiAtIE9DU1AgUmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwG4UX1bZE3hMp15gSSBzEIRgOnv5/goZKSwSEwQVA8YC
BB3uHBsJdHNaaQKPVJJ/UQgb/rFd/b6eMUZ8DGBA0cwSU45+Hu2WP5fjBfAwZwg9
qXvGiqh1BmuswKrQ8Ow9Ar6hFTKpP0xdhsBzYFP4fVdmIAeJnZ+HiPNFf4z0x/KA
6Xd45iRYK5VGGprEG8GMbEtja9Q2Qq2c2kx3bSxCW5mCwcUizu48r2sNN8u9ryRO
c7XauXZfDHb6mcInhTiTqipbXHYZ0aXR/qzQcvYGaVUYdMWVjGCI6VpdeqMUDfXq
PO9qO1Mj3mXt7/dFuOq325S6zYJDwLCO79BF+R2otwIDAQABo4HHMIHEMB0GA1Ud
DgQWBBTuXv/+hdsmxib702mEEK0dDdPvWDAfBgNVHSMEGDAWgBT1zdU8CFD5ak86
t5faVoPmadJo9zAPBgkrBgEFBQcwAQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGg
MgFfMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl
cG9zaXRvcnkvMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAN
BgkqhkiG9w0BAQsFAAOCAQEArhU70uE0eddxr/3MudBb4hJcs/DfUX1916IKqSdy
34TIQDJnHA4dL0kkKKXgFMhCyO5qUjehCXoZqd+vM3woJhKQZjgfqNvBagLy/mc7
Inm7ocUIoDte1Gfv0cgIi3/lOE+u9OI3ROU6Wt75G/UbdD6JVzJLL7N6kAVYt6Hr
MO1HOd8PHuVVXsEn1BqprUOFFYbLuUk/96+QdtTH5kcPWj8no2YGD/mwItrQ4g0M
CvvkQy6MGjdnyXuMuc+ohtrnqag/wFhKGUj9KgRs9UOfeHvk/9E9M8siI96Aph0J
Ouo/r/2QyP+wwHQRuo8eou38UCebWy0VRlfaqUuD2Euyuw==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [374296db40da215c-EWR]
Content-Length: [1561]
Content-Type: [application/ocsp-response]
Date: [Sat, 24 Jun 2017 20:55:41 GMT]
Etag: ["b56c9b8d0f385d729eefd128ab4881068017dd01"]
Expires: [Wed, 28 Jun 2017 20:55:40 GMT]
Last-Modified: [Sat, 24 Jun 2017 20:55:40 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=db4f1c9ed60bb4ffddbf1e4041730d7f61498337740; expires=Sun, 24-Jun-18 20:55:40 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

AlphaSSL CA - SHA256 - G2 (CA Certificate)

Certificate details for AlphaSSL CA - SHA256 - G2 (At position 1 in certificate chain)
Serial number:
hex: 40000000001444ef03631
int: 4835703278459909592593969
Issued by: GlobalSign Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GlobalSign nv-sa
Country: BE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.