Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://kyoto.ltta.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=kyoto.ltta.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=kyoto.ltta.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=kyoto.ltta.jp
And you can
check your domain name
.
#
Certificate of
kyoto.ltta.jp
{ "serial": "0482B0CEEA39F7D9EE4026EC74267EFE", "OCSP_serial": "0482B0CEEA39F7D9EE4026EC74267EFE", "OCSP_cert_status": "good", "OCSP_this_update": "Apr 25 11:21:02 2024 GMT", "OCSP_next_update": "May 2 10:21:02 2024 GMT", "domainName": "kyoto.ltta.jp", "port": 443, "subjectAltName": "DNS:ltta.jp, DNS:fukui.ltta.jp, DNS:fukushima.ltta.jp, DNS:tochigi.ltta.jp, DNS:kyoto.ltta.jp", "is_valid": true, "CA": "Amazon", "updated_at": "2023/07/01 09:00:00", "expires_at": "2024/07/31 08:59:59", "today": "2024/04/28 08:12:00", "UTC": { "updated_at": "2023-07-01T00:00:00Z", "expires_at": "2024-07-30T23:59:59Z", "today": "2024-04-27T23:12:00Z" }, "remaining_days": 94 }
#
OCSP response of
kyoto.ltta.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: C03152CD5A50C3827C7471CECBE99CF97AEB82E2 Produced At: Apr 25 11:36:26 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 666D0B709C89E4BE4BEBEC134547E4B695360F8C Issuer Key Hash: C03152CD5A50C3827C7471CECBE99CF97AEB82E2 Serial Number: 0482B0CEEA39F7D9EE4026EC74267EFE Cert Status: good This Update: Apr 25 11:21:02 2024 GMT Next Update: May 2 10:21:02 2024 GMT Signature Algorithm: sha256WithRSAEncryption Signature Value: 27:40:ab:49:4a:b9:ed:20:f7:d5:ab:c6:32:1a:ae:46:ab:71: 41:a3:27:ae:04:f6:3d:0c:01:84:2d:a8:57:9a:43:55:d8:83: e7:0e:ca:66:16:63:07:16:74:c2:79:82:aa:76:50:cc:e0:8e: 8e:d6:c1:77:60:18:33:c3:bb:70:82:d3:1a:f3:b3:87:31:9c: 55:78:e3:ae:99:5c:91:34:fe:0a:05:62:f6:5a:98:56:74:1c: 6f:22:d2:ee:45:55:e0:19:47:1c:c7:58:29:97:3d:14:0d:4f: 4e:60:65:af:a9:c6:30:2a:d7:83:60:89:79:84:10:54:9e:70: 16:66:d5:b8:88:ac:4b:8b:af:56:d7:e4:95:3c:ca:4c:0d:f9: 71:3a:d7:21:4a:e8:a8:49:aa:d8:cd:37:09:16:25:e1:d1:86: 3e:f1:e7:a1:de:38:17:6c:17:17:d8:4e:99:ac:a4:9c:dc:0b: 55:7a:ea:94:5e:ea:57:cc:c4:50:07:7b:e3:a7:8a:84:5b:02: 7c:cb:22:29:6e:de:c1:f7:17:f0:80:85:b1:07:4e:f5:fb:28: fb:e6:45:ba:06:e9:67:bc:f0:ba:54:82:e4:a4:de:da:ec:79: 14:12:65:10:47:5d:ac:80:99:91:fb:46:61:b6:d0:d5:25:77: 83:a8:9a:f4 ====================================== --- Certificate chain 0 s:CN = ltta.jp i:C = US, O = Amazon, CN = Amazon RSA 2048 M02 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jul 1 00:00:00 2023 GMT; NotAfter: Jul 30 23:59:59 2024 GMT 1 s:C = US, O = Amazon, CN = Amazon RSA 2048 M02 i:C = US, O = Amazon, CN = Amazon Root CA 1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 23 22:25:30 2022 GMT; NotAfter: Aug 23 22:25:30 2030 GMT 2 s:C = US, O = Amazon, CN = Amazon Root CA 1 i:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: May 25 12:00:00 2015 GMT; NotAfter: Dec 31 01:00:00 2037 GMT 3 s:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 i:C = US, O = "Starfield Technologies, Inc.", OU = Starfield Class 2 Certification Authority a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Sep 2 00:00:00 2009 GMT; NotAfter: Jun 28 17:39:16 2034 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIQBIKwzuo599nuQCbsdCZ+/jANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMDcwMTAwMDAwMFoXDTI0MDczMDIzNTk1OVowEjEQ MA4GA1UEAxMHbHR0YS5qcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKBL7Ng6bRH5uPUZmjYZFuwCo5WfyfD3dNsBlIwLfGrmrrrDJKMDA5sJcAZPkWDP rl6Eevqbf81FoPooYIFywiu7y7sVRXYBgbEVWac3sScPeawuCWAxTF3F5DUUrBYk /58VO52pRucZSqqFAoHFQk33F8kQGLAnRVYtgb+kKd1nigtCoJZcQQ4GI6+AdTK2 Gcqqb49h2ksKVyD7eag2t1WSbwX4r9QCmxfBT2/NSdx7XK8eeqiXupGscrNBpg5b RRyiFTSOCTGVx3H9ARx7Onj/BQxJuJjxk0atXqdHU5xy5pVYovtOJ9/AlbKgwRTv 9c8y7Xnbgwgq/a32o7wqLRsCAwEAAaOCAyEwggMdMB8GA1UdIwQYMBaAFMAxUs1a UMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBTxN7dzHWSUqlP97+t4plzCaSxPPTBU BgNVHREETTBLggdsdHRhLmpwgg1mdWt1aS5sdHRhLmpwghFmdWt1c2hpbWEubHR0 YS5qcIIPdG9jaGlnaS5sdHRhLmpwgg1reW90by5sdHRhLmpwMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAw oC6gLIYqaHR0cDovL2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3Js MBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcw AYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAC hipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYD VR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHYA7s3QZNXbGs7F XLedtM0TojKHRny87N7DUUhZRnEftZsAAAGJD6z5cAAABAMARzBFAiBGwMI9pr1p 6y3IAR6MyVyyTcHSgEryYfpsUO4hal6tAgIhAJjwJeyK3KY9JXwOwJVi4Tpi3wt5 L3MlRIhCaE3gMZMAAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMA AAGJD6z51gAABAMARzBFAiA1sHvkLEhmb6VI4TNTgdlP6MFJYPzcECFWbAXUl+ZJ tAIhAItazNqBQbomWisEe0riFu16s+PdmY7yACGmcaB3Udh2AHUA2ra/az+1tiKf m8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGJD6z5rwAABAMARjBEAiBL++gX1cEr B0zGjpDvrOVg0k4TBwyh2Pggl30OKYbdugIgSAgxfXbbwMJt1lJ1md2KWKsjdoZA FeENGClHSv4MFIAwDQYJKoZIhvcNAQELBQADggEBAHR8Z3vnB0SG8+cK8ZO8fazC lsLWOfCfHgSJCtfXm/1lFAEU3dkPWYxhdKN/BMMMYMZWtSNo0aYnR+IIMlqOKB5R iCC0mle+2uI01LUEJui+nw4g199ZRwA+zJAKJpqijJwc9zCzssUGYqba0GZWb2Rk BEez6ydNdfinSG6A6BxwURGTIL7U2rmjHKf7NOmZggO3te/Y9uIVS6zVVmFv/TnP m5qHvAxH+XEVoa4nO1d0uU2vzfcg3I0TpI44fgIMjJtaWKeXOpqATJiLmiGwfD7I ylM6bC+pVwV5tm6KgNN/fwE05eJBVAK2AlgzYDmUk46xRXWyOog8xpE+WsDXGHE= -----END CERTIFICATE----- subject=CN = ltta.jp issuer=C = US, O = Amazon, CN = Amazon RSA 2048 M02 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 6014 bytes and written 388 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---
#
OCSP response of
kyoto.ltta.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.