Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://fukui.ltta.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=fukui.ltta.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=fukui.ltta.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=fukui.ltta.jp
And you can
check your domain name
.
#
Certificate of
fukui.ltta.jp
{ "serial": "0482B0CEEA39F7D9EE4026EC74267EFE", "OCSP_serial": null, "OCSP_cert_status": null, "OCSP_this_update": null, "OCSP_next_update": null, "domainName": "fukui.ltta.jp", "port": 443, "subjectAltName": "DNS:ltta.jp, DNS:fukui.ltta.jp, DNS:fukushima.ltta.jp, DNS:tochigi.ltta.jp, DNS:kyoto.ltta.jp", "is_valid": true, "CA": "Amazon", "updated_at": "2023/07/01 09:00:00", "expires_at": "2024/07/31 08:59:59", "today": "2024/04/28 06:46:46", "UTC": { "updated_at": "2023-07-01T00:00:00Z", "expires_at": "2024-07-30T23:59:59Z", "today": "2024-04-27T21:46:46Z" }, "remaining_days": 94 }
#
OCSP response of
fukui.ltta.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: C03152CD5A50C3827C7471CECBE99CF97AEB82E2 Produced At: Apr 26 11:36:30 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 666D0B709C89E4BE4BEBEC134547E4B695360F8C Issuer Key Hash: C03152CD5A50C3827C7471CECBE99CF97AEB82E2 Serial Number: 0482B0CEEA39F7D9EE4026EC74267EFE Cert Status: good This Update: Apr 26 11:21:02 2024 GMT Next Update: May 3 10:21:02 2024 GMT Signature Algorithm: sha256WithRSAEncryption Signature Value: 4d:cf:e9:8a:76:2d:9c:24:3a:a8:5b:0c:66:f2:6f:02:2e:44: 02:e8:e4:d3:dc:bc:b9:fc:fb:a9:9e:0e:b4:8f:fe:4a:49:be: 6c:23:b8:7e:c2:ec:9c:bf:a6:3e:31:f9:82:ab:9a:f6:68:19: aa:37:91:1e:c2:cb:c5:d2:ba:24:8a:37:4c:39:b3:bc:4b:25: 19:9c:cf:93:08:f0:51:d8:05:df:ce:d7:29:02:8a:3d:51:f0: 03:60:01:41:12:92:8d:a1:d0:41:b1:2f:06:bf:26:78:41:2b: 0a:8c:0b:b0:81:51:3e:f7:41:4e:14:ec:9d:13:3e:9a:26:ed: 55:c3:00:f2:0e:21:07:07:e9:ec:46:90:96:af:9b:8f:e9:eb: 6e:74:e3:b5:91:d3:44:51:93:8e:5e:cc:48:59:1c:dd:a4:05: 6b:f9:bd:10:65:20:9c:3e:90:ba:cb:2b:ba:19:f5:2d:0f:75: b8:17:e7:70:e8:30:22:eb:9b:a6:44:99:f8:99:50:1f:7a:38: 89:e0:0a:1c:76:f3:79:02:7e:2a:61:db:04:14:bb:97:ef:5e: 84:05:3e:a6:a3:c6:8d:e6:9e:22:fd:47:80:26:02:7d:21:f3: 90:f0:dc:91:bd:b7:70:09:44:77:2b:cd:7c:fd:24:a7:3f:02: 16:9d:19:51 ====================================== --- Certificate chain 0 s:CN = ltta.jp i:C = US, O = Amazon, CN = Amazon RSA 2048 M02 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jul 1 00:00:00 2023 GMT; NotAfter: Jul 30 23:59:59 2024 GMT 1 s:C = US, O = Amazon, CN = Amazon RSA 2048 M02 i:C = US, O = Amazon, CN = Amazon Root CA 1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 23 22:25:30 2022 GMT; NotAfter: Aug 23 22:25:30 2030 GMT 2 s:C = US, O = Amazon, CN = Amazon Root CA 1 i:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: May 25 12:00:00 2015 GMT; NotAfter: Dec 31 01:00:00 2037 GMT 3 s:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 i:C = US, O = "Starfield Technologies, Inc.", OU = Starfield Class 2 Certification Authority a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Sep 2 00:00:00 2009 GMT; NotAfter: Jun 28 17:39:16 2034 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIQBIKwzuo599nuQCbsdCZ+/jANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMDcwMTAwMDAwMFoXDTI0MDczMDIzNTk1OVowEjEQ MA4GA1UEAxMHbHR0YS5qcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKBL7Ng6bRH5uPUZmjYZFuwCo5WfyfD3dNsBlIwLfGrmrrrDJKMDA5sJcAZPkWDP rl6Eevqbf81FoPooYIFywiu7y7sVRXYBgbEVWac3sScPeawuCWAxTF3F5DUUrBYk /58VO52pRucZSqqFAoHFQk33F8kQGLAnRVYtgb+kKd1nigtCoJZcQQ4GI6+AdTK2 Gcqqb49h2ksKVyD7eag2t1WSbwX4r9QCmxfBT2/NSdx7XK8eeqiXupGscrNBpg5b RRyiFTSOCTGVx3H9ARx7Onj/BQxJuJjxk0atXqdHU5xy5pVYovtOJ9/AlbKgwRTv 9c8y7Xnbgwgq/a32o7wqLRsCAwEAAaOCAyEwggMdMB8GA1UdIwQYMBaAFMAxUs1a UMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBTxN7dzHWSUqlP97+t4plzCaSxPPTBU BgNVHREETTBLggdsdHRhLmpwgg1mdWt1aS5sdHRhLmpwghFmdWt1c2hpbWEubHR0 YS5qcIIPdG9jaGlnaS5sdHRhLmpwgg1reW90by5sdHRhLmpwMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAw oC6gLIYqaHR0cDovL2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3Js MBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcw AYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAC hipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYD VR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHYA7s3QZNXbGs7F XLedtM0TojKHRny87N7DUUhZRnEftZsAAAGJD6z5cAAABAMARzBFAiBGwMI9pr1p 6y3IAR6MyVyyTcHSgEryYfpsUO4hal6tAgIhAJjwJeyK3KY9JXwOwJVi4Tpi3wt5 L3MlRIhCaE3gMZMAAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMA AAGJD6z51gAABAMARzBFAiA1sHvkLEhmb6VI4TNTgdlP6MFJYPzcECFWbAXUl+ZJ tAIhAItazNqBQbomWisEe0riFu16s+PdmY7yACGmcaB3Udh2AHUA2ra/az+1tiKf m8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGJD6z5rwAABAMARjBEAiBL++gX1cEr B0zGjpDvrOVg0k4TBwyh2Pggl30OKYbdugIgSAgxfXbbwMJt1lJ1md2KWKsjdoZA FeENGClHSv4MFIAwDQYJKoZIhvcNAQELBQADggEBAHR8Z3vnB0SG8+cK8ZO8fazC lsLWOfCfHgSJCtfXm/1lFAEU3dkPWYxhdKN/BMMMYMZWtSNo0aYnR+IIMlqOKB5R iCC0mle+2uI01LUEJui+nw4g199ZRwA+zJAKJpqijJwc9zCzssUGYqba0GZWb2Rk BEez6ydNdfinSG6A6BxwURGTIL7U2rmjHKf7NOmZggO3te/Y9uIVS6zVVmFv/TnP m5qHvAxH+XEVoa4nO1d0uU2vzfcg3I0TpI44fgIMjJtaWKeXOpqATJiLmiGwfD7I ylM6bC+pVwV5tm6KgNN/fwE05eJBVAK2AlgzYDmUk46xRXWyOog8xpE+WsDXGHE= -----END CERTIFICATE----- subject=CN = ltta.jp issuer=C = US, O = Amazon, CN = Amazon RSA 2048 M02 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 6014 bytes and written 388 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---
#
OCSP response of
fukui.ltta.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.