Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://shop.hikarifield.co.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=shop.hikarifield.co.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=shop.hikarifield.co.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=shop.hikarifield.co.jp
And you can
check your domain name
.
#
Certificate of
shop.hikarifield.co.jp
{ "serial": "07ECD94C1EC87530BDB1036C30D26A88", "OCSP_serial": null, "OCSP_cert_status": null, "OCSP_this_update": null, "OCSP_next_update": null, "domainName": "shop.hikarifield.co.jp", "port": 443, "subjectAltName": "DNS:store.hikarifield.co.jp, DNS:api.hikarifield.co.jp, DNS:shop.hikarifield.co.jp", "is_valid": true, "CA": "Amazon", "updated_at": "2024/09/26 09:00:00", "expires_at": "2025/10/27 08:59:59", "today": "2025/07/13 11:24:21", "UTC": { "updated_at": "2024-09-26T00:00:00Z", "expires_at": "2025-10-26T23:59:59Z", "today": "2025-07-13T02:24:21Z" }, "remaining_days": 105 }
#
OCSP response of
shop.hikarifield.co.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = store.hikarifield.co.jp i:C = US, O = Amazon, CN = Amazon RSA 2048 M03 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Sep 26 00:00:00 2024 GMT; NotAfter: Oct 26 23:59:59 2025 GMT 1 s:C = US, O = Amazon, CN = Amazon RSA 2048 M03 i:C = US, O = Amazon, CN = Amazon Root CA 1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 23 22:26:04 2022 GMT; NotAfter: Aug 23 22:26:04 2030 GMT 2 s:C = US, O = Amazon, CN = Amazon Root CA 1 i:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: May 25 12:00:00 2015 GMT; NotAfter: Dec 31 01:00:00 2037 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIGCDCCBPCgAwIBAgIQB+zZTB7IdTC9sQNsMNJqiDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDkyNjAwMDAwMFoXDTI1MTAyNjIzNTk1OVowIjEg MB4GA1UEAxMXc3RvcmUuaGlrYXJpZmllbGQuY28uanAwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQD9uWJ+GdEuPxal92DS8oSEIY06mGfRs0KCZf7ldt1t X8jqK2ggiyyP1QP2U4TUhkmZLm0ta1uxVMMGDclP0TbGeX9qAJ0Vt55O/syfL5un l+kghMTw4d4BYiCGDvtYNv7TcRlmNg9wNq9PdZFnQF96+2p/Z47LqhMA+sAXSVT+ XdFz9RLGY02pen4HAnGAGu5wZ+t+UE1RIYwp371oPyz+504vpWVH5JF9rtRNE/47 RUPbq+bc9jlTqbsvKsc48kbLrS/kZylDzKnOrjh2QXDJlkBMwFXnN/drryab32W+ QqVIfzIFeKZbfIn+Lj0loOcYuwLykxCAIVrxV2MGN45lAgMBAAGjggMeMIIDGjAf BgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQUzY3vtY39 Gt8JIcTsvCGvvOxJoS8wUQYDVR0RBEowSIIXc3RvcmUuaGlrYXJpZmllbGQuY28u anCCFWFwaS5oaWthcmlmaWVsZC5jby5qcIIWc2hvcC5oaWthcmlmaWVsZC5jby5q cDATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9j cmwucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRp MGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNv bTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20v cjJtMDMuY2VyMAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkB ZwB2ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAABkiv6kYsAAAQD AEcwRQIhAIQMdvTA+QkMGRhY0qvzml2kBf389nl0/ijM5mMYiH+dAiAMaNYn93Q6 MfU5+/bTWWd6rREtu9mPq6Rv4Kl/70naGQB1AObSMWNAd4zBEEEG13G5zsHSQPaW hIb7uocyHf0eN45QAAABkiv6kYsAAAQDAEYwRAIgK43xNyvG/eGXqTqJ5ZcrcJEj GHej0j2EwDTCzJ4YYXoCIAUQP1CfHQH82OWsMU4353Lt2k9Lq7m6BMTFfIOmBedW AHYAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGSK/qRoQAABAMA RzBFAiEAzq/dehlguFtD9NKyGn8j/LlriAQoaf/40NefadPW5eQCIBEg2r+7KUJX LW1pf4faNzVKFXfMl+y3z5GhLkmG8mY1MA0GCSqGSIb3DQEBCwUAA4IBAQAxLuyL KqmgglOGkbM9HIsO6cQiGhKE3DaEeY0zWNbJUGi+BnmkkFyU9P+ljtNFHM1hhWuZ 4cUvZcEWMTQErQ9RIgsGd2k58iLwh7rd3Dht8sxxAPXrR4mn0IqCU6qsmTCwaV7M pF49Li+H0TsbkazKUkViVh6QyoOxu/r9wU7S7+Iu1WQ1fWqIv1twDhYwt3Zzj6Wr TqulyZoNrvPXGa5kXxGhgcgalK+S+8h5J/1KabsnFyZNEJof4X/Xy7yeo5jFcIwt EgMkmGLFGnOS5Pd6p94g0ilp9D8Hi/af/qiX3Td+hlKfMIQvvgzyYtHaznGZqRl7 aeu43JDm1HNng9rk -----END CERTIFICATE----- subject=CN = store.hikarifield.co.jp issuer=C = US, O = Amazon, CN = Amazon RSA 2048 M03 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA Server Temp Key: ECDH, prime256v1, 256 bits --- SSL handshake has read 4520 bytes and written 459 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 8A2C7BE189B4295EC0E44EAABF3E0905E0733CF71808ACCB4F4E52A1500D8B62 Session-ID-ctx: Master-Key: C40A960AB4BCCAEB91E4E976B82384FFF204E96EE4EC2032F5818012E34AB447B19388AA53FFBE1DF69AA3155E9A8AF3 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 86400 (seconds) TLS session ticket: 0000 - 01 82 d7 db 05 fd 09 54-95 ca 33 9f 6b 0f c8 48 .......T..3.k..H 0010 - eb 39 c2 07 9e 0a bc d5-f3 bf 26 e0 4e 0c c6 7e .9........&.N..~ 0020 - 53 c6 5f 11 1a 8a 38 51-ae 2c 25 c8 a2 89 21 70 S._...8Q.,%...!p 0030 - 6e ea 84 51 9c 94 ed 2f-55 ea 21 3d 5f 18 b3 e5 n..Q.../U.!=_... 0040 - 19 b6 78 0a 40 2f 5d e8-fb 69 dd 0e 02 51 ed b4 ..x.@/]..i...Q.. 0050 - f6 b2 4c 76 c3 3e 37 84-3b 21 8f 73 e6 ff 00 82 ..Lv.>7.;!.s.... 0060 - 6e 66 da 71 8b d7 6b 2a-37 48 a7 04 aa a6 00 d6 nf.q..k*7H...... 0070 - 18 b8 9a 41 7f 01 7e ea-a3 e1 cd 21 5f c5 65 8a ...A..~....!_.e. 0080 - 0e 48 2b 2c 4b 8d 7f 9d-0b 18 .H+,K..... Start Time: 1752373462 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes ---
#
OCSP response of
shop.hikarifield.co.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.