CRL & OCSP report for www.travelstyletours.co.uk (Travelstyle Tours Limited)

www.travelstyletours.co.uk

This certificate was cached at
Certificate details for www.travelstyletours.co.uk (At position 0 in certificate chain)
Serial number:
hex: 1d06bf9e346be466d7f0da9a6b2a780
int: 2411415758338837385805798574577067904
Issued by: DigiCert Secure Server CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Travelstyle Tours Limited
Organization unit: web
State / Province: CHESHIRE
Locality: ALTRINCHAM
Country: GB
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for www.travelstyletours.co.uk.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl3.digicert.com/ssca-g3.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl3.digicert.com/ssca-g3.crl
Size: 10421 bytes (DER data)
Response time: 4.664048ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 283

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: ECS (lga/139B)
Cache Information: HIT

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=172800]
Content-Length: [10421]
Content-Type: [application/x-pkcs7-crl]
Date: [Wed, 06 Jul 2016 11:47:02 GMT]
Etag: ["3901231348"]
Expires: [Fri, 08 Jul 2016 11:47:02 GMT]
Last-Modified: [Tue, 05 Jul 2016 17:15:13 GMT]
Server: [ECS (lga/139B)]
X-Cache: [HIT]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)
This CRL was cached at
http://crl4.digicert.com/ssca-g3.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl4.digicert.com/ssca-g3.crl
Size: 10421 bytes (DER data)
Response time: 8.103903ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 283

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: CFS 0213

Raw CRL response headers

Accept-Ranges: [bytes]
Cf4age: [20]
Cf4ttl: [31536000.000]
Content-Length: [10421]
Content-Type: [application/x-pkcs7-crl]
Date: [Wed, 06 Jul 2016 11:47:02 GMT]
Last-Modified: [Tue, 05 Jul 2016 17:15:13 GMT]
Server: [CFS 0213]
X-Cf1: [13483:fB.ewr1:cf:cacheA.ewr1-01:H]
X-Cf2: [H]
X-Cf3: [H]
X-Cfhash: ["28927c71e6688051e6a1941e8728b74c"]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
(STAPLED)Good

OCSP response information

Source: Stapled OCSP reponse from Server
Size: 471 bytes (DER data)
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Raw OCSP request (PEM encoded)


Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBSQcds363PI
79zVHhK2NLorWqCmkhgPMjAxNjA4MjcxMTQ3MDBaMHMwcTBJMAkGBSsOAwIaBQAE
FCCmlIsBvuglpDpFVXZmH1XBkgYzBBSQcds363PI79zVHhK2NLorWqCmkgIQAdBr
+eNGvkZtfw2pprKngIAAGA8yMDE2MDgyNzExNDcwMFqgERgPMjAxNjA5MDMxMTAy
MDBaMA0GCSqGSIb3DQEBBQUAA4IBAQBVSVQPjIbM1bz3WGE74e7KZOlZmzenBsjv
Ko5KnROsxNM4PCBQ8xojcu5Z230mczq96ixhk+O4IFshNssnS2bSBMSUhaoIaQqx
Z0TKSkyABIgS5flczVn4FtwywOKnrRZZguE1x0uZQZrpfMqeQftL45Lj7fM1zwym
LH4xiyD3cbwGH9Q3MEhP0Xh3A/VqQ8B6dwzWcDkemHHAv6ScpNvhHr+dLjhPpzT5
J/Zwoly685SOk+gM+CwPswM5o1rlFIm2v5XeeeQ7RIyqT0U6I/9j24KMKsQS8Ept
kM97exNwW+sOr6LGcsYpHYcrMWTEZhpLCaGmuxi7OAvFsKmntNJ9
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)


This OCSP response was cached at
http://ocsp.digicert.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.digicert.com (POST)
Size: 471 bytes (DER data)
Response time: 44.907663ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 138h53m12s

Server and network information

Server Software: nginx

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBQgppSLAb7oJaQ6RVV2Zh9VwZIGMwQUkHHb
N+tzyO/c1R4StjS6K1qgppICEAHQa/njRr5GbX8Nqaayp4A=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBSQcds363PI
79zVHhK2NLorWqCmkhgPMjAxNjA3MDYwNTQ5MDBaMHMwcTBJMAkGBSsOAwIaBQAE
FCCmlIsBvuglpDpFVXZmH1XBkgYzBBSQcds363PI79zVHhK2NLorWqCmkgIQAdBr
+eNGvkZtfw2pprKngIAAGA8yMDE2MDcwNjA1NDkwMFqgERgPMjAxNjA3MTMwNTA0
MDBaMA0GCSqGSIb3DQEBBQUAA4IBAQCxY4FD26NzvBVwf90DEvMeJl+VJsEaJq5f
cTehamfSujYn7UYxa3SsH/4bEYjdvmgrnF6bp8sJpW67aUqmXCao8SCh0uHmKsEU
zTPYIu7g8GYBuQVYLwekdyV/TqXw/KGnTbQ2CHJ7N0tEGAv6pf82J+R6yiuCXR8B
tyb2vqq4S/4zuiEEJw5/kc9d0X1FEpMQRGVogaEurGzmi8FJ/EefO/cgfv/Uicvd
PtxpCt+ruglnYwyyjEos7bt0ASOrHPM5Eg13KGe+wpc6QCvUU/s4Sw5Ao587dHon
AYlFwhRy5bPgg3/HDPQCfTt2cx6IOWQUx/nTyp22bNLTCeXEG9Y9
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)


Raw OCSP response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=499992]
Content-Length: [471]
Content-Type: [application/ocsp-response]
Date: [Wed, 06 Jul 2016 11:47:02 GMT]
Etag: ["577ca7ce-1d7"]
Expires: [Tue, 12 Jul 2016 23:47:02 GMT]
Last-Modified: [Wed, 06 Jul 2016 06:40:14 GMT]
Server: [nginx]
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.digicert.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.digicert.com (GET)
Size: 471 bytes (DER data)
Response time: 27.764911ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 138h53m12s

Server and network information

Server Software: nginx

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQgppSLAb7oJaQ6RVV2Zh9VwZIGMwQUkHHbN%2BtzyO%2Fc1R4StjS6K1qgppICEAHQa%2FnjRr5GbX8Nqaayp4A%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBQgppSLAb7oJaQ6RVV2Zh9VwZIGMwQUkHHb
N+tzyO/c1R4StjS6K1qgppICEAHQa/njRr5GbX8Nqaayp4A=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBSQcds363PI
79zVHhK2NLorWqCmkhgPMjAxNjA3MDYwNTQ5MDBaMHMwcTBJMAkGBSsOAwIaBQAE
FCCmlIsBvuglpDpFVXZmH1XBkgYzBBSQcds363PI79zVHhK2NLorWqCmkgIQAdBr
+eNGvkZtfw2pprKngIAAGA8yMDE2MDcwNjA1NDkwMFqgERgPMjAxNjA3MTMwNTA0
MDBaMA0GCSqGSIb3DQEBBQUAA4IBAQCxY4FD26NzvBVwf90DEvMeJl+VJsEaJq5f
cTehamfSujYn7UYxa3SsH/4bEYjdvmgrnF6bp8sJpW67aUqmXCao8SCh0uHmKsEU
zTPYIu7g8GYBuQVYLwekdyV/TqXw/KGnTbQ2CHJ7N0tEGAv6pf82J+R6yiuCXR8B
tyb2vqq4S/4zuiEEJw5/kc9d0X1FEpMQRGVogaEurGzmi8FJ/EefO/cgfv/Uicvd
PtxpCt+ruglnYwyyjEos7bt0ASOrHPM5Eg13KGe+wpc6QCvUU/s4Sw5Ao587dHon
AYlFwhRy5bPgg3/HDPQCfTt2cx6IOWQUx/nTyp22bNLTCeXEG9Y9
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)


Raw OCSP response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=499992]
Content-Length: [471]
Content-Type: [application/ocsp-response]
Date: [Wed, 06 Jul 2016 11:47:02 GMT]
Etag: ["577ca7ce-1d7"]
Expires: [Tue, 12 Jul 2016 23:47:02 GMT]
Last-Modified: [Wed, 06 Jul 2016 06:40:14 GMT]
Server: [nginx]
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

DigiCert Secure Server CA (CA Certificate)

This certificate was cached at
Certificate details for DigiCert Secure Server CA (At position 1 in certificate chain)
Serial number:
hex: 69e1db77fcf1dfba97af5e5c9a24037
int: 8796353606545229494490896265396764727
Issued by: DigiCert Global Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: DigiCert Inc
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://crl3.digicert.com/DigiCertGlobalRootCA.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl3.digicert.com/DigiCertGlobalRootCA.crl
Size: 531 bytes (DER data)
Response time: 11.387732ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: ECS (lga/137F)
Cache Information: HIT

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=172800]
Content-Length: [531]
Content-Type: [application/x-pkcs7-crl]
Date: [Mon, 29 Aug 2016 10:37:06 GMT]
Etag: ["3278584563"]
Expires: [Wed, 31 Aug 2016 10:37:06 GMT]
Last-Modified: [Wed, 24 Aug 2016 22:15:03 GMT]
Server: [ECS (lga/137F)]
X-Cache: [HIT]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)
This CRL was cached at
http://crl4.digicert.com/DigiCertGlobalRootCA.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl4.digicert.com/DigiCertGlobalRootCA.crl
Size: 531 bytes (DER data)
Response time: 26.911376ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: CFS 0822

Raw CRL response headers

Accept-Ranges: [bytes]
Cf4age: [4]
Cf4ttl: [31536000.000]
Content-Length: [531]
Content-Type: [application/x-pkcs7-crl]
Date: [Mon, 29 Aug 2016 10:37:06 GMT]
Last-Modified: [Wed, 24 Aug 2016 22:15:03 GMT]
Server: [CFS 0822]
X-Cf1: [13483:fD.ewr1:cf:cacheB.ewr1-01:H]
X-Cf2: [H]
X-Cf3: [H]
X-Cfhash: ["d1a1f5572ea46aa5cfd119c36d8e9265"]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.digicert.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.digicert.com (POST)
Size: 471 bytes (DER data)
Response time: 7.833324ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 143h22m20s

Server and network information

Server Software: ECS (lga/1385)
Cache Information: HIT

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh/sBYgFV7gQUA95Q
NVbRTLtm8KPiGxvDl7I90VUCEAaeHbd/zx37qXr15cmiQDc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBQD3lA1VtFM
u2bwo+IbG8OXsj3RVRgPMjAxNjA3MzEyMTAwMDBaMHMwcTBJMAkGBSsOAwIaBQAE
FIBRBgEyrZrCfVGHoOiH+wFiAVXuBBQD3lA1VtFMu2bwo+IbG8OXsj3RVQIQBp4d
t3/PHfupevXlyaJAN4AAGA8yMDE2MDczMTIxMDAwMFqgERgPMjAxNjA4MDcyMTAw
MDBaMA0GCSqGSIb3DQEBBQUAA4IBAQAKdHs57ZDAvkOKRLkbasAfd0sSc6b0RO0K
9KaXZviwNmROZkEOvKGVvtLDH2VJFmo5EOES/JMDYZDIQKjRxRN3f6rBCIhdTrqF
mPQ0gwbqO2+UtAfBp4zhXsglkDq0M+bwEBwISxG+Q5EBNECUTPRjnEOeerx/HLxv
WL7DdBU1d8sG2TVOXvQNW5UfbF3WhdeOQsXv1oI5GirAAymcoj4DiWNk06y4RsML
z0e2IfhChKNSwOBJikkGWyGAqjO5fa0utuKO2o6wsICigmkwPb9QW8KJR0Z5oLEB
ql77Ij95CPkL0S5tlQtzBh3vmmvOwS4jqVJ6GGwCj6DzYx91kOWG
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)


Raw OCSP response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=516140]
Content-Length: [471]
Content-Type: [application/ocsp-response]
Date: [Mon, 01 Aug 2016 08:28:55 GMT]
Etag: ["579ee0fa-1d7"]
Expires: [Sun, 07 Aug 2016 20:28:55 GMT]
Last-Modified: [Mon, 01 Aug 2016 05:41:14 GMT]
Server: [ECS (lga/1385)]
X-Cache: [HIT]
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.digicert.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.digicert.com (GET)
Size: 471 bytes (DER data)
Response time: 4.082828ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 138h23m7s

Server and network information

Server Software: ECS (lga/1399)
Cache Information: HIT

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAaeHbd%2Fzx37qXr15cmiQDc%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh/sBYgFV7gQUA95Q
NVbRTLtm8KPiGxvDl7I90VUCEAaeHbd/zx37qXr15cmiQDc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBQD3lA1VtFM
u2bwo+IbG8OXsj3RVRgPMjAxNjA3MzEyMTAwMDBaMHMwcTBJMAkGBSsOAwIaBQAE
FIBRBgEyrZrCfVGHoOiH+wFiAVXuBBQD3lA1VtFMu2bwo+IbG8OXsj3RVQIQBp4d
t3/PHfupevXlyaJAN4AAGA8yMDE2MDczMTIxMDAwMFqgERgPMjAxNjA4MDcyMTAw
MDBaMA0GCSqGSIb3DQEBBQUAA4IBAQAKdHs57ZDAvkOKRLkbasAfd0sSc6b0RO0K
9KaXZviwNmROZkEOvKGVvtLDH2VJFmo5EOES/JMDYZDIQKjRxRN3f6rBCIhdTrqF
mPQ0gwbqO2+UtAfBp4zhXsglkDq0M+bwEBwISxG+Q5EBNECUTPRjnEOeerx/HLxv
WL7DdBU1d8sG2TVOXvQNW5UfbF3WhdeOQsXv1oI5GirAAymcoj4DiWNk06y4RsML
z0e2IfhChKNSwOBJikkGWyGAqjO5fa0utuKO2o6wsICigmkwPb9QW8KJR0Z5oLEB
ql77Ij95CPkL0S5tlQtzBh3vmmvOwS4jqVJ6GGwCj6DzYx91kOWG
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)


Raw OCSP response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=498187]
Content-Length: [471]
Content-Type: [application/ocsp-response]
Date: [Mon, 01 Aug 2016 08:28:55 GMT]
Etag: ["579e8ca6-1d7"]
Expires: [Sun, 07 Aug 2016 20:28:55 GMT]
Last-Modified: [Sun, 31 Jul 2016 23:41:26 GMT]
Server: [ECS (lga/1399)]
X-Cache: [HIT]
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

DigiCert Global Root CA (CA Certificate)

This certificate was cached at
Certificate details for DigiCert Global Root CA (At position 2 in certificate chain)
Serial number:
hex: 83be056904246b1a1756ac95991c74a
int: 10944719598952040374951832963794454346
Issued by: DigiCert Global Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven