Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://e-tan.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=e-tan.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=e-tan.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=e-tan.jp
And you can
check your domain name
.
#
Certificate of
e-tan.jp
{ "serial": "2B4F804837A678C297E07CE85D49A153", "OCSP_serial": "2B4F804837A678C297E07CE85D49A153", "OCSP_cert_status": "good", "OCSP_this_update": "Apr 27 09:09:02 2024 GMT", "OCSP_next_update": "May 1 09:09:02 2024 GMT", "domainName": "e-tan.jp", "port": 443, "subjectAltName": "DNS:e-tan.jp, DNS:www.e-tan.jp", "is_valid": true, "CA": "Japan Registry Services Co., Ltd.", "updated_at": "2023/10/29 12:41:13", "expires_at": "2024/10/31 23:59:59", "today": "2024/04/28 03:24:09", "UTC": { "updated_at": "2023-10-29T03:41:13Z", "expires_at": "2024-10-31T14:59:59Z", "today": "2024-04-27T18:24:09Z" }, "remaining_days": 186 }
#
OCSP response of
e-tan.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: EBE64FD38B1C6CC8F8D9DF95C4F62D765E18B127 Produced At: Apr 27 18:20:11 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 1DB449849554FCAAF967B74DC546361AF782AF8F Issuer Key Hash: 7C24CE0DA4382DC7B3635EA7787A8D1D4C2EC715 Serial Number: 2B4F804837A678C297E07CE85D49A153 Cert Status: good This Update: Apr 27 09:09:02 2024 GMT Next Update: May 1 09:09:02 2024 GMT Signature Algorithm: sha256WithRSAEncryption Signature Value: 22:67:58:73:a4:1d:e5:b5:7e:36:d1:90:04:9b:2d:dc:a8:17: 60:34:ef:a2:f3:a2:7a:cc:f5:58:96:76:a7:94:50:74:76:08: 10:49:ca:33:1b:1e:02:f4:30:a8:2b:3c:09:87:68:a0:5f:e5: db:df:a1:fa:42:c9:b5:bb:aa:60:15:25:10:7d:46:79:32:aa: 98:b4:81:41:dd:b5:a4:1a:e8:77:61:4f:ab:32:5d:c5:13:3b: 63:c0:a5:b7:9c:f8:96:ab:7c:2b:bb:a4:d5:df:79:39:fb:d8: 8f:13:e2:bd:13:43:77:53:d7:92:4f:c1:d5:d1:5c:9f:ac:30: b0:9e:5a:58:79:36:94:30:34:f6:de:48:e5:8e:92:61:9a:b6: c9:df:35:b6:68:d5:17:d5:71:54:54:2a:fa:3e:95:a5:c8:dc: 6f:cd:91:2c:ba:f2:f4:b6:89:87:0d:ce:b2:11:6b:03:60:87: 02:47:ec:50:a4:3a:62:a1:c8:de:9c:3a:ce:c8:87:b8:e9:88: 4a:ba:19:e5:9f:ea:25:2f:5c:9c:c5:74:0d:ba:3f:eb:a1:53: bd:c8:54:65:a3:e3:8e:56:47:70:53:82:6f:bf:fd:2a:e3:60: f2:59:1d:4f:6b:17:ec:d8:65:1b:a1:7c:ea:d0:e7:4e:3e:91: b6:17:66:fb Certificate: Data: Version: 3 (0x2) Serial Number: 47:25:9a:7c:ae:81:87:e9:06:27:c2:56:a5:99:b2:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: C=JP, O=Japan Registry Services Co., Ltd., CN=JPRS Domain Validation Authority - G4 Validity Not Before: Mar 6 06:10:15 2024 GMT Not After : Jul 8 06:10:15 2024 GMT Subject: C=JP, O=Japan Registry Services Co., Ltd., CN=JPRS Domain Validation Authority - G4 OCSP Responder Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ae:a3:86:1e:f6:16:db:b0:be:88:44:5a:19:36: c3:9d:a7:8a:42:f4:9e:52:00:66:82:21:06:c2:5f: 6b:f7:1a:1e:23:4e:43:35:dd:89:79:59:7a:57:93: 61:e0:43:ef:1e:d4:a6:a2:be:28:73:4e:bf:aa:aa: d8:c0:41:49:2d:e1:4f:b9:f0:3d:db:32:82:fd:2c: 0e:77:e1:ef:e5:f3:e3:7d:9b:54:bc:fb:28:4f:bf: 3f:ac:94:be:6f:0a:30:a2:59:0b:21:6f:d8:cf:20: ac:0f:0a:fa:30:ae:cf:e2:e6:90:f8:b4:63:f9:75: eb:24:a0:ba:fd:b0:a0:f7:77:e2:d2:0f:b0:ea:24: 02:8b:f7:eb:aa:18:da:46:9c:ea:05:17:b7:81:d7: 2c:85:50:8b:22:f8:ba:4b:34:3b:96:17:ee:c8:ef: d0:d6:ba:bb:d7:c8:a1:9f:f1:46:04:d7:c4:25:65: 96:47:3d:67:dd:1a:6b:8c:34:6a:1f:b5:b6:e8:9a: a4:99:34:96:6a:6d:a9:c9:c5:62:40:f7:f8:93:d8: 1b:bc:98:b7:40:c3:56:e8:09:c8:71:83:61:54:08: 27:68:e3:fb:db:26:6f:7e:a0:c7:c5:9f:5c:94:b1: 7b:a6:88:df:3b:49:14:ce:b8:c9:76:06:2f:a6:7f: d0:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: 7C:24:CE:0D:A4:38:2D:C7:B3:63:5E:A7:78:7A:8D:1D:4C:2E:C7:15 OCSP No Check: X509v3 Extended Key Usage: OCSP Signing X509v3 Subject Key Identifier: EB:E6:4F:D3:8B:1C:6C:C8:F8:D9:DF:95:C4:F6:2D:76:5E:18:B1:27 X509v3 Key Usage: critical Digital Signature Signature Algorithm: sha256WithRSAEncryption Signature Value: 1f:27:30:cc:d2:15:e6:70:32:9b:bb:bb:55:c9:78:d9:d7:07: 0a:ec:85:a3:94:99:4c:36:7f:95:8a:18:c0:0a:77:7c:e2:e4: 8c:13:f7:fa:87:bf:bc:9e:4e:03:90:b9:45:ee:74:03:f5:2f: 4e:9b:f8:f1:13:1f:b5:33:ae:ba:50:4c:fa:20:cd:0f:4a:71: a9:3f:14:ad:3b:a4:e9:61:1c:13:40:63:e4:3d:76:7d:b3:df: 54:38:46:c8:57:5a:44:17:07:09:a0:ce:49:0c:a5:27:a8:37: ed:15:30:e6:92:3f:93:88:a1:e1:df:11:2a:ed:93:f1:5e:3c: 95:b7:f7:8c:a4:ac:6c:fd:b2:8f:f0:f2:64:35:26:cc:55:b5: d1:9a:27:82:42:91:9a:66:05:e5:20:be:c4:cb:dd:7a:39:6b: 60:a8:a2:f4:44:54:1e:e4:0e:44:5e:98:37:9e:ac:37:87:3e: aa:ac:90:1c:48:c5:54:a1:58:ff:d2:49:73:62:8c:6a:7c:7a: 14:7d:72:fe:be:ce:45:47:a5:06:51:b8:14:a2:f5:46:11:88: 61:4d:24:02:a3:d7:25:ea:60:ed:9b:bf:0e:12:93:a5:1c:b0: 42:04:41:72:5e:6f:e6:8d:dd:d4:67:c9:ff:e6:2b:6c:13:1e: 98:3c:53:5a -----BEGIN CERTIFICATE----- MIID4zCCAsugAwIBAgIQRyWafK6Bh+kGJ8JWpZmy9zANBgkqhkiG9w0BAQsFADBp MQswCQYDVQQGEwJKUDEqMCgGA1UEChMhSmFwYW4gUmVnaXN0cnkgU2VydmljZXMg Q28uLCBMdGQuMS4wLAYDVQQDEyVKUFJTIERvbWFpbiBWYWxpZGF0aW9uIEF1dGhv cml0eSAtIEc0MB4XDTI0MDMwNjA2MTAxNVoXDTI0MDcwODA2MTAxNVoweDELMAkG A1UEBhMCSlAxKjAoBgNVBAoTIUphcGFuIFJlZ2lzdHJ5IFNlcnZpY2VzIENvLiwg THRkLjE9MDsGA1UEAxM0SlBSUyBEb21haW4gVmFsaWRhdGlvbiBBdXRob3JpdHkg LSBHNCBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6jhh72FtuwvohEWhk2w52nikL0nlIAZoIhBsJfa/caHiNOQzXdiXlZeleT YeBD7x7UpqK+KHNOv6qq2MBBSS3hT7nwPdsygv0sDnfh7+Xz432bVLz7KE+/P6yU vm8KMKJZCyFv2M8grA8K+jCuz+LmkPi0Y/l16ySguv2woPd34tIPsOokAov366oY 2kac6gUXt4HXLIVQiyL4uks0O5YX7sjv0Na6u9fIoZ/xRgTXxCVllkc9Z90aa4w0 ah+1tuiapJk0lmptqcnFYkD3+JPYG7yYt0DDVugJyHGDYVQIJ2jj+9smb36gx8Wf XJSxe6aI3ztJFM64yXYGL6Z/0CcCAwEAAaN4MHYwHwYDVR0jBBgwFoAUfCTODaQ4 LcezY16neHqNHUwuxxUwDwYJKwYBBQUHMAEFBAIFADATBgNVHSUEDDAKBggrBgEF BQcDCTAdBgNVHQ4EFgQU6+ZP04scbMj42d+VxPYtdl4YsScwDgYDVR0PAQH/BAQD AgeAMA0GCSqGSIb3DQEBCwUAA4IBAQAfJzDM0hXmcDKbu7tVyXjZ1wcK7IWjlJlM Nn+VihjACnd84uSME/f6h7+8nk4DkLlF7nQD9S9Om/jxEx+1M666UEz6IM0PSnGp PxStO6TpYRwTQGPkPXZ9s99UOEbIV1pEFwcJoM5JDKUnqDftFTDmkj+TiKHh3xEq 7ZPxXjyVt/eMpKxs/bKP8PJkNSbMVbXRmieCQpGaZgXlIL7Ey916OWtgqKL0RFQe 5A5EXpg3nqw3hz6qrJAcSMVUoVj/0klzYoxqfHoUfXL+vs5FR6UGUbgUovVGEYhh TSQCo9cl6mDtm78OEpOlHLBCBEFyXm/mjd3UZ8n/5itsEx6YPFNa -----END CERTIFICATE----- ====================================== --- Certificate chain 0 s:CN = e-tan.jp i:C = JP, O = "Japan Registry Services Co., Ltd.", CN = JPRS Domain Validation Authority - G4 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Oct 29 03:41:13 2023 GMT; NotAfter: Oct 31 14:59:59 2024 GMT 1 s:C = JP, O = "Japan Registry Services Co., Ltd.", CN = JPRS Domain Validation Authority - G4 i:C = JP, O = "SECOM Trust Systems CO.,LTD.", OU = Security Communication RootCA2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jul 22 10:40:53 2020 GMT; NotAfter: May 29 05:00:39 2029 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIGxzCCBa+gAwIBAgIQK0+ASDemeMKX4HzoXUmhUzANBgkqhkiG9w0BAQsFADBp MQswCQYDVQQGEwJKUDEqMCgGA1UEChMhSmFwYW4gUmVnaXN0cnkgU2VydmljZXMg Q28uLCBMdGQuMS4wLAYDVQQDEyVKUFJTIERvbWFpbiBWYWxpZGF0aW9uIEF1dGhv cml0eSAtIEc0MB4XDTIzMTAyOTAzNDExM1oXDTI0MTAzMTE0NTk1OVowEzERMA8G A1UEAxMIZS10YW4uanAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT JMTNuGiXzcOR7EHC/Dfder7ynXke7+cEWVE55B9J5uWNA1x4r49JwNiZ0S6vK8KX 4lXJ0Dl+AHVZNVK3srTQgixVP4Z0tsJ7TlZRen6KL+SC0rf1lusG2PFZqM6qy2hZ yVEuyPOJMpD2kcoJlPV9NtYGpBlCUNh9BpDQ8joTw8PsvmPTfH5Z08JzOJFw7Bb0 KKzTGLPB00JpUjRsDfv2FM1V8ze2z6rSkXX7POlfF8sev9v3wQDHTUAzO1e9nfVe t30THJc/va1e/2qqscsvpOzs5Lh09M6k7VxT7cZRwf+Ldo1xnIeyDNfc9oWl9UDa T11M0oKJWVX4WaLd6Vl/AgMBAAGjggO/MIIDuzAfBgNVHSMEGDAWgBR8JM4NpDgt x7NjXqd4eo0dTC7HFTCBkAYIKwYBBQUHAQEEgYMwgYAwTwYIKwYBBQUHMAKGQ2h0 dHA6Ly9yZXBvLnB1YmNlcnQuanBycy5qcC9zcHBjYS9qcHJzL2R2Y2FfZzQvSlBS U19EVkNBX0c0X0RFUi5jZXIwLQYIKwYBBQUHMAGGIWh0dHA6Ly9kdi5nNC5vY3Nw LnB1YmNlcnQuanBycy5qcDAhBgNVHREEGjAYgghlLXRhbi5qcIIMd3d3LmUtdGFu LmpwMFkGA1UdIARSMFAwRAYLKwYBBAGDpEMBAQQwNTAzBggrBgEFBQcCARYnaHR0 cDovL2pwcnMuanAvcHViY2VydC9pbmZvL3JlcG9zaXRvcnkvMAgGBmeBDAECATAT BgNVHSUEDDAKBggrBgEFBQcDATBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vcmVw by5wdWJjZXJ0LmpwcnMuanAvc3BwY2EvanBycy9kdmNhX2c0L2Z1bGxjcmwuY3Js MB0GA1UdDgQWBBRnc4W1t5aaMMlO8+Efg9a1G2k5ZTAOBgNVHQ8BAf8EBAMCBaAw ggH0BgorBgEEAdZ5AgQCBIIB5ASCAeAB3gB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8 vOzew1FIWUZxH7WbAAABi3mOpmkAAAQDAEcwRQIhAJ4Q7A8FS8iikUKnh+gh5n4y 5xd/vJ0DL5gZDniVaypiAiAxAEIP69l6T/tp61xlEooVW7hOYWfcEPIUzPViOV1D xQB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABi3mOp/UAAAQD AEYwRAIgKQcNHWpC1qjp3oymuzvBs9XUbQSDMx6N63P+0OIuu3sCIGDuZZ8fd2Aw JoGhXFcH1PSW43j14SbEEdBajDOOyK/iAHUASLDja9qmRzQP5WoC+p0w6xxSActW 3SyB2bu/qznYhHMAAAGLeY6rqQAABAMARjBEAiAw4waYEYjlX9rgr0EBN4vV+B2/ dbROxmMDSBE2FJLdzQIgI2TlUXn2nw/10l6bI92GLQsAD73j1wR4fcdm/SAqGdEA dgDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYt5jq1oAAAEAwBH MEUCIA2GaPhBGpNkFVb6tnt/rZbN7a/izqjETmmZjBm2KSj2AiEA2BCuEzVn5dY8 Jd2pde9GQaDm4P4n0kRhAkKyaqcuCV4wDQYJKoZIhvcNAQELBQADggEBAFkXs94Q yW9qrt9LL2o8qvbE2NEetYMRsLGD66Hb6G1qfBYSyX4HLaZchOoVbDPLY0LY6U6j rz9PbSgfLJNbW5KdaPWQ7tyRUBmOmJ2VIBQR7tUttjFX9qahWru80OnZbz2bSfic YIdTLQgEqTew/9HPgSBz9KB4TKnPf3mVjC4GfTKLFMd80ceHhGMZ7KbSOwY8mnxJ vlGLucxhiGCJIE08eXl8H3RVGReNA+WqiNm39ShyMV2HdKeynpD21DF7QHEf7c9x XZKfR8ApIm8FC52lJyqiVG20QgZIRCcJk4lJbcwWv0PzAl4sNHi0nQdH7beaghR7 pT1OEVwGQhS82kY= -----END CERTIFICATE----- subject=CN = e-tan.jp issuer=C = JP, O = "Japan Registry Services Co., Ltd.", CN = JPRS Domain Validation Authority - G4 --- No client certificate CA names sent Peer signing digest: SHA512 Peer signature type: RSA Server Temp Key: ECDH, prime256v1, 256 bits --- SSL handshake has read 5200 bytes and written 445 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: BD51201EE6B534E19AD7CD36DE1A86243834CB52E208FC3FA245C25F04EEF63C Session-ID-ctx: Master-Key: 0A26F8F3EB4ED39EB22FBADE1AD5A7B052B5630E532A0356BE50DD973142DA27E0196B88F9B2B1074F42187035930D2B PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: 0000 - ca 7f 39 11 97 a0 86 1c-8e d5 8e 58 84 fa 99 fa ..9........X.... 0010 - bb ef 1a f4 e4 38 20 59-9b d6 6a 32 1d 93 9f d4 .....8 Y..j2.... 0020 - e5 b8 6f 94 b5 34 6a fa-e7 01 46 93 27 3b 53 e0 ..o..4j...F.';S. 0030 - 31 87 13 ff 84 78 b1 23-33 29 3c 7f 8a 28 14 1d 1....x.#3)<..(.. 0040 - 0d f9 cf b2 98 11 68 f9-00 0f 30 e3 77 4f e1 46 ......h...0.wO.F 0050 - 16 bd 88 84 9a ca 4b e6-73 96 ee 52 22 0a 00 f6 ......K.s..R"... 0060 - d9 5d 0e e9 97 7d e8 08-74 3c a6 77 14 66 da b1 .]...}..t<.w.f.. 0070 - 13 16 8f c9 88 f6 f1 10-26 89 e5 18 cc aa de 1a ........&....... 0080 - ab aa fd e9 14 97 c3 80-8f 9a 0a d1 4c fa 12 eb ............L... 0090 - d9 5b 99 7d ac b6 15 e3-f0 a0 f6 77 0e 49 76 f1 .[.}.......w.Iv. 00a0 - 61 5e 58 f4 4c 61 9c 23-c3 29 be 55 c5 d5 69 11 a^X.La.#.).U..i. 00b0 - 1b 17 6f c9 60 54 e8 17-67 dc 47 9f c9 53 84 2d ..o.`T..g.G..S.- Start Time: 1714242249 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no ---
#
OCSP response of
e-tan.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.