Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://gizin.co.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=gizin.co.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=gizin.co.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=gizin.co.jp
And you can
check your domain name
.
#
Certificate of
gizin.co.jp
{ "serial": "7025A32FE4372644725A0562045E3B1B", "OCSP_serial": "7025A32FE4372644725A0562045E3B1B", "OCSP_cert_status": "good", "OCSP_this_update": "Apr 27 09:09:02 2024 GMT", "OCSP_next_update": "May 1 09:09:02 2024 GMT", "domainName": "gizin.co.jp", "port": 443, "subjectAltName": "DNS:gizin.co.jp, DNS:www.gizin.co.jp", "is_valid": true, "CA": "Japan Registry Services Co., Ltd.", "updated_at": "2024/02/28 14:31:40", "expires_at": "2025/02/28 23:59:59", "today": "2024/04/28 00:53:45", "UTC": { "updated_at": "2024-02-28T05:31:40Z", "expires_at": "2025-02-28T14:59:59Z", "today": "2024-04-27T15:53:45Z" }, "remaining_days": 306 }
#
OCSP response of
gizin.co.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: EBE64FD38B1C6CC8F8D9DF95C4F62D765E18B127 Produced At: Apr 27 15:29:20 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 1DB449849554FCAAF967B74DC546361AF782AF8F Issuer Key Hash: 7C24CE0DA4382DC7B3635EA7787A8D1D4C2EC715 Serial Number: 7025A32FE4372644725A0562045E3B1B Cert Status: good This Update: Apr 27 09:09:02 2024 GMT Next Update: May 1 09:09:02 2024 GMT Signature Algorithm: sha256WithRSAEncryption Signature Value: 07:35:b3:44:aa:ae:55:3c:a1:b5:1f:9c:ae:17:3e:c8:04:34: ea:cb:53:80:4f:97:3b:39:a9:48:22:d1:eb:f9:13:6e:e0:3c: 4a:7b:03:07:14:fa:3c:e9:af:b6:5e:15:9d:05:8b:e7:53:9c: 8c:ce:be:23:00:a4:23:ae:82:5c:98:9c:10:4a:e2:2b:96:59: e0:de:97:6f:a5:23:ac:de:23:f3:fc:99:54:9a:df:11:4d:6a: 48:e4:38:0f:6f:cb:02:1b:f1:bf:94:10:d3:4a:c3:f2:8d:21: 4b:38:48:50:7c:fb:33:10:f8:3c:e6:47:08:3b:7b:f0:98:c3: 96:b9:30:d2:ea:fd:31:50:17:d5:d2:58:e3:4e:e8:c3:44:20: f5:5c:a8:c3:a9:af:3e:fe:0e:1a:5f:d7:b3:60:f8:bb:6b:1a: c4:d0:b1:51:cd:2a:5d:32:73:b0:8f:a0:28:3a:8b:da:c5:8b: db:e8:e0:4f:64:20:fd:c6:68:c4:ee:3f:8d:0b:d4:5f:ad:e9: f2:4d:09:ba:da:ec:ec:50:ce:1d:b9:bd:5f:a7:2e:c2:c1:3c: 4d:ec:45:04:79:12:28:63:59:09:da:06:d5:55:4e:fe:11:38: 50:1f:38:37:94:4d:c0:8b:d7:35:6c:62:13:ee:ad:0f:cd:e5: 54:36:cd:80 Certificate: Data: Version: 3 (0x2) Serial Number: 47:25:9a:7c:ae:81:87:e9:06:27:c2:56:a5:99:b2:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: C=JP, O=Japan Registry Services Co., Ltd., CN=JPRS Domain Validation Authority - G4 Validity Not Before: Mar 6 06:10:15 2024 GMT Not After : Jul 8 06:10:15 2024 GMT Subject: C=JP, O=Japan Registry Services Co., Ltd., CN=JPRS Domain Validation Authority - G4 OCSP Responder Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ae:a3:86:1e:f6:16:db:b0:be:88:44:5a:19:36: c3:9d:a7:8a:42:f4:9e:52:00:66:82:21:06:c2:5f: 6b:f7:1a:1e:23:4e:43:35:dd:89:79:59:7a:57:93: 61:e0:43:ef:1e:d4:a6:a2:be:28:73:4e:bf:aa:aa: d8:c0:41:49:2d:e1:4f:b9:f0:3d:db:32:82:fd:2c: 0e:77:e1:ef:e5:f3:e3:7d:9b:54:bc:fb:28:4f:bf: 3f:ac:94:be:6f:0a:30:a2:59:0b:21:6f:d8:cf:20: ac:0f:0a:fa:30:ae:cf:e2:e6:90:f8:b4:63:f9:75: eb:24:a0:ba:fd:b0:a0:f7:77:e2:d2:0f:b0:ea:24: 02:8b:f7:eb:aa:18:da:46:9c:ea:05:17:b7:81:d7: 2c:85:50:8b:22:f8:ba:4b:34:3b:96:17:ee:c8:ef: d0:d6:ba:bb:d7:c8:a1:9f:f1:46:04:d7:c4:25:65: 96:47:3d:67:dd:1a:6b:8c:34:6a:1f:b5:b6:e8:9a: a4:99:34:96:6a:6d:a9:c9:c5:62:40:f7:f8:93:d8: 1b:bc:98:b7:40:c3:56:e8:09:c8:71:83:61:54:08: 27:68:e3:fb:db:26:6f:7e:a0:c7:c5:9f:5c:94:b1: 7b:a6:88:df:3b:49:14:ce:b8:c9:76:06:2f:a6:7f: d0:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: 7C:24:CE:0D:A4:38:2D:C7:B3:63:5E:A7:78:7A:8D:1D:4C:2E:C7:15 OCSP No Check: X509v3 Extended Key Usage: OCSP Signing X509v3 Subject Key Identifier: EB:E6:4F:D3:8B:1C:6C:C8:F8:D9:DF:95:C4:F6:2D:76:5E:18:B1:27 X509v3 Key Usage: critical Digital Signature Signature Algorithm: sha256WithRSAEncryption Signature Value: 1f:27:30:cc:d2:15:e6:70:32:9b:bb:bb:55:c9:78:d9:d7:07: 0a:ec:85:a3:94:99:4c:36:7f:95:8a:18:c0:0a:77:7c:e2:e4: 8c:13:f7:fa:87:bf:bc:9e:4e:03:90:b9:45:ee:74:03:f5:2f: 4e:9b:f8:f1:13:1f:b5:33:ae:ba:50:4c:fa:20:cd:0f:4a:71: a9:3f:14:ad:3b:a4:e9:61:1c:13:40:63:e4:3d:76:7d:b3:df: 54:38:46:c8:57:5a:44:17:07:09:a0:ce:49:0c:a5:27:a8:37: ed:15:30:e6:92:3f:93:88:a1:e1:df:11:2a:ed:93:f1:5e:3c: 95:b7:f7:8c:a4:ac:6c:fd:b2:8f:f0:f2:64:35:26:cc:55:b5: d1:9a:27:82:42:91:9a:66:05:e5:20:be:c4:cb:dd:7a:39:6b: 60:a8:a2:f4:44:54:1e:e4:0e:44:5e:98:37:9e:ac:37:87:3e: aa:ac:90:1c:48:c5:54:a1:58:ff:d2:49:73:62:8c:6a:7c:7a: 14:7d:72:fe:be:ce:45:47:a5:06:51:b8:14:a2:f5:46:11:88: 61:4d:24:02:a3:d7:25:ea:60:ed:9b:bf:0e:12:93:a5:1c:b0: 42:04:41:72:5e:6f:e6:8d:dd:d4:67:c9:ff:e6:2b:6c:13:1e: 98:3c:53:5a -----BEGIN CERTIFICATE----- MIID4zCCAsugAwIBAgIQRyWafK6Bh+kGJ8JWpZmy9zANBgkqhkiG9w0BAQsFADBp MQswCQYDVQQGEwJKUDEqMCgGA1UEChMhSmFwYW4gUmVnaXN0cnkgU2VydmljZXMg Q28uLCBMdGQuMS4wLAYDVQQDEyVKUFJTIERvbWFpbiBWYWxpZGF0aW9uIEF1dGhv cml0eSAtIEc0MB4XDTI0MDMwNjA2MTAxNVoXDTI0MDcwODA2MTAxNVoweDELMAkG A1UEBhMCSlAxKjAoBgNVBAoTIUphcGFuIFJlZ2lzdHJ5IFNlcnZpY2VzIENvLiwg THRkLjE9MDsGA1UEAxM0SlBSUyBEb21haW4gVmFsaWRhdGlvbiBBdXRob3JpdHkg LSBHNCBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6jhh72FtuwvohEWhk2w52nikL0nlIAZoIhBsJfa/caHiNOQzXdiXlZeleT YeBD7x7UpqK+KHNOv6qq2MBBSS3hT7nwPdsygv0sDnfh7+Xz432bVLz7KE+/P6yU vm8KMKJZCyFv2M8grA8K+jCuz+LmkPi0Y/l16ySguv2woPd34tIPsOokAov366oY 2kac6gUXt4HXLIVQiyL4uks0O5YX7sjv0Na6u9fIoZ/xRgTXxCVllkc9Z90aa4w0 ah+1tuiapJk0lmptqcnFYkD3+JPYG7yYt0DDVugJyHGDYVQIJ2jj+9smb36gx8Wf XJSxe6aI3ztJFM64yXYGL6Z/0CcCAwEAAaN4MHYwHwYDVR0jBBgwFoAUfCTODaQ4 LcezY16neHqNHUwuxxUwDwYJKwYBBQUHMAEFBAIFADATBgNVHSUEDDAKBggrBgEF BQcDCTAdBgNVHQ4EFgQU6+ZP04scbMj42d+VxPYtdl4YsScwDgYDVR0PAQH/BAQD AgeAMA0GCSqGSIb3DQEBCwUAA4IBAQAfJzDM0hXmcDKbu7tVyXjZ1wcK7IWjlJlM Nn+VihjACnd84uSME/f6h7+8nk4DkLlF7nQD9S9Om/jxEx+1M666UEz6IM0PSnGp PxStO6TpYRwTQGPkPXZ9s99UOEbIV1pEFwcJoM5JDKUnqDftFTDmkj+TiKHh3xEq 7ZPxXjyVt/eMpKxs/bKP8PJkNSbMVbXRmieCQpGaZgXlIL7Ey916OWtgqKL0RFQe 5A5EXpg3nqw3hz6qrJAcSMVUoVj/0klzYoxqfHoUfXL+vs5FR6UGUbgUovVGEYhh TSQCo9cl6mDtm78OEpOlHLBCBEFyXm/mjd3UZ8n/5itsEx6YPFNa -----END CERTIFICATE----- ====================================== --- Certificate chain 0 s:CN = gizin.co.jp i:C = JP, O = "Japan Registry Services Co., Ltd.", CN = JPRS Domain Validation Authority - G4 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Feb 28 05:31:40 2024 GMT; NotAfter: Feb 28 14:59:59 2025 GMT 1 s:C = JP, O = "Japan Registry Services Co., Ltd.", CN = JPRS Domain Validation Authority - G4 i:C = JP, O = "SECOM Trust Systems CO.,LTD.", OU = Security Communication RootCA2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jul 22 10:40:53 2020 GMT; NotAfter: May 29 05:00:39 2029 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIG0jCCBbqgAwIBAgIQcCWjL+Q3JkRyWgViBF47GzANBgkqhkiG9w0BAQsFADBp MQswCQYDVQQGEwJKUDEqMCgGA1UEChMhSmFwYW4gUmVnaXN0cnkgU2VydmljZXMg Q28uLCBMdGQuMS4wLAYDVQQDEyVKUFJTIERvbWFpbiBWYWxpZGF0aW9uIEF1dGhv cml0eSAtIEc0MB4XDTI0MDIyODA1MzE0MFoXDTI1MDIyODE0NTk1OVowFjEUMBIG A1UEAxMLZ2l6aW4uY28uanAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDR2wqp4Gok7seBvL0QrcxhnUcoUYHdqcAGEGi2W19uDvMMe94ZmRfED4kCTE+c hwc6baLuUjKDfckstC3Kd9y6i1mbgnoYcCvThrZjdSzEMcEfwTq56qD7slOX1C8P OKuFIbh85YBOBeeO2dVgu4wMhLZE7yKHASu1yOfQxzIcZ2614B+yItXsSspOzCxR 51w1Li9+mD4jYfuXQ8AF6sBGr4yItN4b0Z7QefZluo7FJ6qoaSSlyIGVHQLMuOgE KkfgqAY+IT2/NPaZHN/6oBK3MIsYXhxsd8B8TZBRtDwfu6e7BKMHZZageAUDjIs6 AksHRS11dUDC1A9oaXS1w+yzAgMBAAGjggPHMIIDwzAfBgNVHSMEGDAWgBR8JM4N pDgtx7NjXqd4eo0dTC7HFTCBkAYIKwYBBQUHAQEEgYMwgYAwTwYIKwYBBQUHMAKG Q2h0dHA6Ly9yZXBvLnB1YmNlcnQuanBycy5qcC9zcHBjYS9qcHJzL2R2Y2FfZzQv SlBSU19EVkNBX0c0X0RFUi5jZXIwLQYIKwYBBQUHMAGGIWh0dHA6Ly9kdi5nNC5v Y3NwLnB1YmNlcnQuanBycy5qcDAnBgNVHREEIDAeggtnaXppbi5jby5qcIIPd3d3 LmdpemluLmNvLmpwMFkGA1UdIARSMFAwRAYLKwYBBAGDpEMBAQQwNTAzBggrBgEF BQcCARYnaHR0cDovL2pwcnMuanAvcHViY2VydC9pbmZvL3JlcG9zaXRvcnkvMAgG BmeBDAECATATBgNVHSUEDDAKBggrBgEFBQcDATBLBgNVHR8ERDBCMECgPqA8hjpo dHRwOi8vcmVwby5wdWJjZXJ0LmpwcnMuanAvc3BwY2EvanBycy9kdmNhX2c0L2Z1 bGxjcmwuY3JsMB0GA1UdDgQWBBSivhdkaGzAK4M9Jht1RbNDtaiFNzAOBgNVHQ8B Af8EBAMCBaAwggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB2AE51oydcmhDDOFts 1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABje47naEAAAQDAEcwRQIhAJ61dZ788yl0 llErAmA7OYuX5JChLU+5n6sV4r1tOmBXAiB8AsJt2v1me4aLIiHCe3riedfXhrEe AHM09FUpjg8NjwB3AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAAB je47pAAAAAQDAEgwRgIhAPYgxCMowXCyTjnv0TaqpsoC0JM9gMnfC2rydF7Wi4es AiEA59qAFx+vXsVVCRhb3K7n5jiEG6M+yrcNvx/dOUNx0qEAdgB9WR4S4Xgqexxh Z3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAY3uO6bDAAAEAwBHMEUCIQDmznmUnEda C3ZuvRm16K7OL9qSWj6YRYqll7MM5DrDmQIgVESN9x8Q3RSECFYufCBJwYpkk6Qg Tpo1ACRa7PtZ2foAdQDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2XjbapflTA/kwNsAAA AY3uO6iUAAAEAwBGMEQCIE5Mticm/5/mkVJB6mIZGDJx3jkpN9DDYChQwoL3ZOf+ AiAaG6DIQqu5buBaLWewCs+FTHpjqXWM+XQJYusEsXMnwDANBgkqhkiG9w0BAQsF AAOCAQEAEGU98qt3JzZSR/pa+ENxbcZ1kZOHx8oBoQDjpu+oEQmrdxUVHTMgTuZG n+eUWddogF/yPLyHx6uxerruOCshhMmYkl8AXm3NqMt+TRDSlt/8x9Tc07eo2iVS +QMKmc0I0VKxeFZ9OxefeyTuRfrJ99ggeMmyiATdKi3vkZNkTi5Wr2+THamKVL2i xbuB5Ptf6XSx9Pnv4V5SJii6GHlQvCnQhd+seuJbHSbufnKxq3g6iDg1QAvGOMY/ x+sftnoj3/HGnx1P+wc1AVh8AXjhgKo41HK1+rV7Y5/AwOMnA0t3Tnb/7Uf0B9hl O5smKa44qOrekehF8rxIwh8zW5aOGA== -----END CERTIFICATE----- subject=CN = gizin.co.jp issuer=C = JP, O = "Japan Registry Services Co., Ltd.", CN = JPRS Domain Validation Authority - G4 --- No client certificate CA names sent Peer signing digest: SHA512 Peer signature type: RSA Server Temp Key: ECDH, secp521r1, 521 bits --- SSL handshake has read 5279 bytes and written 516 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: D6D175C7831D267728BF6A2DC8DDBCA5D5DA28D7544966298F997CB5687518A7 Session-ID-ctx: Master-Key: E7AA791997EDB36E012A7888326DE4F56D5425A905F929E4023315309234020B56E30C7CF80582B5287EF5AB80F5CA4C PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: 0000 - 7b e8 a3 8c 6c 04 b1 0f-18 67 13 b5 ba 2f 58 8c {...l....g.../X. 0010 - 44 2d ce 60 10 d9 fd da-87 90 35 33 c5 9f c9 23 D-.`......53...# 0020 - 40 be 27 28 ec 48 29 59-d3 12 e7 ff 20 ed 3b 64 @.'(.H)Y.... .;d 0030 - 2f 2d f9 55 97 f3 ec 6c-f2 d2 5c 1e d2 4d 0f ed /-.U...l..\..M.. 0040 - c3 9a 9f b9 21 69 ef b6-ab a4 e2 c2 5c 44 74 5b ....!i......\Dt[ 0050 - 29 5c e8 fc c9 b7 e4 ff-13 b2 0c 8b 0b 3a 39 e7 )\...........:9. 0060 - e7 0a 51 d3 06 76 70 ed-66 9e b7 10 e5 e5 83 93 ..Q..vp.f....... 0070 - ef 6d d9 7d 36 09 33 85-c5 d2 f2 63 79 e9 81 7a .m.}6.3....cy..z 0080 - f3 b3 81 6c f0 44 51 2c-34 6f e9 a9 25 55 0e 15 ...l.DQ,4o..%U.. 0090 - b2 6b 7a 81 48 80 56 0d-8b 09 8e 7c e0 7b 64 e1 .kz.H.V....|.{d. 00a0 - 49 36 99 87 e6 73 e9 7d-f5 95 66 64 63 af 89 58 I6...s.}..fdc..X 00b0 - 80 25 5f 94 e5 ee 1f 6d-93 a9 07 41 41 b6 80 d4 .%_....m...AA... Start Time: 1714233225 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no ---
#
OCSP response of
gizin.co.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.