Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://status.mamisrv.ne.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=status.mamisrv.ne.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=status.mamisrv.ne.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=status.mamisrv.ne.jp
And you can
check your domain name
.
#
Certificate of
status.mamisrv.ne.jp
{ "serial": "DCE112CEBF5140B70EA45228134A32FA", "OCSP_serial": "DCE112CEBF5140B70EA45228134A32FA", "OCSP_cert_status": "good", "OCSP_this_update": "Apr 27 13:28:06 2024 GMT", "OCSP_next_update": "May 4 12:28:05 2024 GMT", "domainName": "status.mamisrv.ne.jp", "port": 443, "subjectAltName": "DNS:mamisrv.ne.jp, DNS:*.mamisrv.ne.jp", "is_valid": true, "CA": "Google Trust Services LLC", "updated_at": "2024/04/22 20:49:47", "expires_at": "2024/07/21 20:49:46", "today": "2024/04/28 15:47:40", "UTC": { "updated_at": "2024-04-22T11:49:47Z", "expires_at": "2024-07-21T11:49:46Z", "today": "2024-04-28T06:47:40Z" }, "remaining_days": 84 }
#
OCSP response of
status.mamisrv.ne.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: D5FC9E0DDF1ECADD0897976E2BC55FC52BF5ECB8 Produced At: Apr 27 13:28:06 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: EC4A2797F8915935139678B3E8C8A21D097B312E Issuer Key Hash: D5FC9E0DDF1ECADD0897976E2BC55FC52BF5ECB8 Serial Number: DCE112CEBF5140B70EA45228134A32FA Cert Status: good This Update: Apr 27 13:28:06 2024 GMT Next Update: May 4 12:28:05 2024 GMT Signature Algorithm: sha256WithRSAEncryption Signature Value: 3e:18:a4:2f:71:21:24:c7:73:f9:55:68:8d:be:a4:6f:f0:67: 6f:50:d5:eb:1c:d3:90:8a:22:55:2f:3a:61:f1:fd:2a:98:19: a5:5c:cf:6d:dc:a4:68:4e:8a:12:3a:2b:1c:5e:72:6f:f4:f1: e9:d2:50:c0:79:18:c0:1f:a9:ba:fd:a5:f4:2b:95:80:5b:61: 28:a2:c9:0f:5d:6f:d2:66:66:be:a9:c6:38:f0:f5:b5:1b:50: ac:d4:8b:e4:c3:75:ad:b1:ad:e0:ec:dd:2b:d3:46:42:dc:fd: 04:4c:2b:40:01:a4:2d:cf:e6:86:9d:2b:c8:29:22:c7:7a:69: 89:09:f7:18:df:19:a5:d4:2e:a8:89:94:31:75:d8:cb:fe:43: a5:d5:7e:22:99:2e:b5:80:c1:bd:bb:08:3c:6f:77:6e:1e:da: d5:ba:c6:97:21:ad:db:cb:e6:93:77:2d:d4:18:f7:91:cb:62: df:a2:83:05:58:75:3a:e7:06:87:91:51:32:68:aa:28:7e:19: 29:65:cc:84:2d:1d:0c:5e:cb:c5:42:d3:bf:1f:13:4a:66:48: ac:ef:05:26:fc:6c:55:89:f1:a6:ac:9f:06:89:e3:bf:81:12: 68:d7:d0:d9:87:67:e4:08:53:d4:1a:66:78:20:be:dc:9f:00: ce:22:52:4d ====================================== --- Certificate chain 0 s:CN = mamisrv.ne.jp i:C = US, O = Google Trust Services LLC, CN = GTS CA 1P5 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Apr 22 11:49:47 2024 GMT; NotAfter: Jul 21 11:49:46 2024 GMT 1 s:C = US, O = Google Trust Services LLC, CN = GTS CA 1P5 i:C = US, O = Google Trust Services LLC, CN = GTS Root R1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 13 00:00:42 2020 GMT; NotAfter: Sep 30 00:00:42 2027 GMT 2 s:C = US, O = Google Trust Services LLC, CN = GTS Root R1 i:C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256 v:NotBefore: Jun 19 00:00:42 2020 GMT; NotAfter: Jan 28 00:00:42 2028 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIRANzhEs6/UUC3DqRSKBNKMvowDQYJKoZIhvcNAQELBQAw RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM TEMxEzARBgNVBAMTCkdUUyBDQSAxUDUwHhcNMjQwNDIyMTE0OTQ3WhcNMjQwNzIx MTE0OTQ2WjAYMRYwFAYDVQQDEw1tYW1pc3J2Lm5lLmpwMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAwmdEUJPfqb7Q+QMmwODtzJGsR487Ioj6pMp1MIOA qPWXa34nGHJVJ9RnFPg3DGQkpr+NetyIerzyIklez7cH7QNuqeRwBdoWwArGahvr Bvmbe7iPekXa06EXNypL1wT5tWpm0Jd4i+3knX9IowH5SD0wK86Gwp/3WVytcfKm PTvsinoip92q18Yddmw0/0IIcBnrwwxPmJQWkp+2MH6XI9nRgUkBG4qrMtRRLGNw kyHw4r9VsYKSllXS3GpU5HcMtsny7iTGT8kGuOarbqHh2zheuLuFe5O56Ezdot3R yAJzF5yX7qX45TYRFVPIishbKQUuBKE8fcFXMJHH9/z45wIDAQABo4IChTCCAoEw DgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQC MAAwHQYDVR0OBBYEFMjifRzzhl0/Eej6pLQrjwEpwOVLMB8GA1UdIwQYMBaAFNX8 ng3fHsrdCJeXbivFX8Ur9ey4MHgGCCsGAQUFBwEBBGwwajA1BggrBgEFBQcwAYYp aHR0cDovL29jc3AucGtpLmdvb2cvcy9ndHMxcDUvUTBQU2pZdlRBRjAwMQYIKwYB BQUHMAKGJWh0dHA6Ly9wa2kuZ29vZy9yZXBvL2NlcnRzL2d0czFwNS5kZXIwKQYD VR0RBCIwIIINbWFtaXNydi5uZS5qcIIPKi5tYW1pc3J2Lm5lLmpwMCEGA1UdIAQa MBgwCAYGZ4EMAQIBMAwGCisGAQQB1nkCBQMwPAYDVR0fBDUwMzAxoC+gLYYraHR0 cDovL2NybHMucGtpLmdvb2cvZ3RzMXA1LzdMRF9fRlNWaUZnLmNybDCCAQQGCisG AQQB1nkCBAIEgfUEgfIA8AB1ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI 1/urAAABjwXa+HMAAAQDAEYwRAIgb+0ix9bqVzOjo1AHUq9Tkw4ZIkCsO+4WsFJS TnxWOgICIDkMfmgFZWTg+dIU1wbokePuHNWP/jt5ZYGGdxyY3B1zAHcA7s3QZNXb Gs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGPBdr4RwAABAMASDBGAiEAyy8g xaQ6LATliDyYtqN/R1uVCgChukZnOvdffp2f8GQCIQCzcSG7/0OqLdCiG9rZ3L1w /lNtbvcOsG75BjOVMLXt6zANBgkqhkiG9w0BAQsFAAOCAQEAV44LaGdnH8oPY8f4 abA5yEEYMfVqxK5r4eTdpS59y81p2JRmQbuZXbc4JtBFrE4E5R1E83A2tZbsA2Q1 DLyqGKROf+4N04iFVZXqiD+1m+cQz8e4bDalAnx8DE6lADYtQezHM3mcDUwneRUO dAj67lZpFoAlLm/0VLq2tmMjMDubGRVwlq6lcUM+72gR2naXJz0JVbaliVahQKwr ukgRoncPYadpbqEZw5iYedJVxj17mU/xfHbj2jCbeF/GMP4QQjSYEOVhtAU2wdcx GFp6qfJyYWr5ghbjzwyXyerL8QFM4A515Hcfj4aCMGiYv9qdlJcpMkQ4sKCaQyoH b61nWA== -----END CERTIFICATE----- subject=CN = mamisrv.ne.jp issuer=C = US, O = Google Trust Services LLC, CN = GTS CA 1P5 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 5186 bytes and written 411 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---
#
OCSP response of
status.mamisrv.ne.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.