Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://tanzak.nomadscafe.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=tanzak.nomadscafe.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=tanzak.nomadscafe.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=tanzak.nomadscafe.jp
And you can
check your domain name
.
#
Certificate of
tanzak.nomadscafe.jp
{ "serial": "EA48C8EA7559261F4CA4794407DD2F99", "OCSP_serial": "EA48C8EA7559261F4CA4794407DD2F99", "OCSP_cert_status": "good", "OCSP_this_update": "Mar 30 14:35:06 2026 GMT", "OCSP_next_update": "Apr 6 14:35:05 2026 GMT", "domainName": "tanzak.nomadscafe.jp", "port": 443, "subjectAltName": "DNS:tanzak.nomadscafe.jp", "is_valid": true, "CA": "ZeroSSL", "updated_at": "2026/03/10 09:00:00", "expires_at": "2026/06/09 08:59:59", "today": "2026/04/01 10:29:40", "UTC": { "updated_at": "2026-03-10T00:00:00Z", "expires_at": "2026-06-08T23:59:59Z", "today": "2026-04-01T01:29:40Z" }, "remaining_days": 68 }
#
OCSP response of
tanzak.nomadscafe.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: 0F6BE64BCE3947AEF67E901E79F0309192C85FA3 Produced At: Mar 30 14:35:06 2026 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 331FFE3FFD0B8416284F948D56C07E0392D8F64D Issuer Key Hash: 0F6BE64BCE3947AEF67E901E79F0309192C85FA3 Serial Number: EA48C8EA7559261F4CA4794407DD2F99 Cert Status: good This Update: Mar 30 14:35:06 2026 GMT Next Update: Apr 6 14:35:05 2026 GMT Signature Algorithm: ecdsa-with-SHA384 Signature Value: 30:65:02:30:2d:ef:d4:1f:0b:49:a7:fa:2b:1d:78:1d:f4:fc: 75:62:e1:56:17:e4:52:f5:fd:02:5e:76:9e:39:5b:93:dc:08: 22:8b:06:04:6c:67:00:f1:9e:c8:81:aa:ba:ff:a3:89:02:31: 00:a8:26:eb:25:21:e1:e0:5c:92:69:f6:57:54:ab:1c:fa:4c: 7f:36:9f:b1:da:3c:ac:ea:1a:3e:cd:f4:f4:a0:30:23:31:00: b2:9a:50:87:9c:2f:c0:b0:5b:36:bb:ac:62 ====================================== --- Certificate chain 0 s:CN = tanzak.nomadscafe.jp i:C = AT, O = ZeroSSL, CN = ZeroSSL ECC Domain Secure Site CA a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA384 v:NotBefore: Mar 10 00:00:00 2026 GMT; NotAfter: Jun 8 23:59:59 2026 GMT 1 s:C = AT, O = ZeroSSL, CN = ZeroSSL ECC Domain Secure Site CA i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust ECC Certification Authority a:PKEY: id-ecPublicKey, 384 (bit); sigalg: ecdsa-with-SHA384 v:NotBefore: Jan 30 00:00:00 2020 GMT; NotAfter: Jan 29 23:59:59 2030 GMT 2 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust ECC Certification Authority i:C = GB, ST = Greater Manchester, L = Salford, O = Comodo CA Limited, CN = AAA Certificate Services a:PKEY: id-ecPublicKey, 384 (bit); sigalg: RSA-SHA384 v:NotBefore: Mar 12 00:00:00 2019 GMT; NotAfter: Dec 31 23:59:59 2028 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIID/zCCA4agAwIBAgIRAOpIyOp1WSYfTKR5RAfdL5kwCgYIKoZIzj0EAwMwSzEL MAkGA1UEBhMCQVQxEDAOBgNVBAoTB1plcm9TU0wxKjAoBgNVBAMTIVplcm9TU0wg RUNDIERvbWFpbiBTZWN1cmUgU2l0ZSBDQTAeFw0yNjAzMTAwMDAwMDBaFw0yNjA2 MDgyMzU5NTlaMB8xHTAbBgNVBAMTFHRhbnphay5ub21hZHNjYWZlLmpwMFkwEwYH KoZIzj0CAQYIKoZIzj0DAQcDQgAEXiR/Io69i6ClDfL14J2TbJ3Klpxvw+5BIr4X Xv1yLPXqQwmYtv53N03Smvz0i/RmZ2zGiAe1jaS4qgBxrQm0wqOCAnUwggJxMB8G A1UdIwQYMBaAFA9r5kvOOUeu9n6QHnnwMJGSyF+jMB0GA1UdDgQWBBR6Rz+Gc3/0 FIOtdzDZG9LxvHBU5TAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADATBgNV HSUEDDAKBggrBgEFBQcDATBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgJOMCUwIwYI KwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECATCBiAYI KwYBBQUHAQEEfDB6MEsGCCsGAQUFBzAChj9odHRwOi8vemVyb3NzbC5jcnQuc2Vj dGlnby5jb20vWmVyb1NTTEVDQ0RvbWFpblNlY3VyZVNpdGVDQS5jcnQwKwYIKwYB BQUHMAGGH2h0dHA6Ly96ZXJvc3NsLm9jc3Auc2VjdGlnby5jb20wggEDBgorBgEE AdZ5AgQCBIH0BIHxAO8AdQAOV5S8866pPjMbLJkHs/eQ35vCPXEyJd0hqSWsYcVO IQAAAZzVhLm+AAAEAwBGMEQCIDkaP8PXiCJydhFVz0bfWKeEuueFHj+ITUfQ/Y0w du3OAiB4Sdp5QM2U7lBAOHY5P0ojQiFUA0FIZBmm2uzho3nhIAB2ABaDLavwqSUP D/A6pUX/yL/II9CHS/YEKSf45x8zE/X6AAABnNWEuiYAAAQDAEcwRQIhAKTjhoN6 ywyBEKJszaRghBZepSJXu2IC4fRYrc0nCQojAiBgCS9KK8kMeX9tB5Qf4BbyCWaI QVGFQhnrSTny95xLEzAfBgNVHREEGDAWghR0YW56YWsubm9tYWRzY2FmZS5qcDAK BggqhkjOPQQDAwNnADBkAjBy6xhulpk4gZsLaBxqYxRrfC5d1HSoAhDhYY4B0Vh0 ElZ4VMUoA9lcLSqQzsj8KWQCMEdg4bnsky56HHICeTb5eTljndtC26jKJ3Dz3AJX ladYNsXrJM+7p970vrI6yvfXsQ== -----END CERTIFICATE----- subject=CN = tanzak.nomadscafe.jp issuer=C = AT, O = ZeroSSL, CN = ZeroSSL ECC Domain Secure Site CA --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 3603 bytes and written 395 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256 Server public key is 256 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_128_GCM_SHA256 Session-ID: 7EF0FDADC922F1C08FD580655097FF786201152C9273457A0E7C072919B3D7B1 Session-ID-ctx: Resumption PSK: 24CD1C0C294B3FEABABEFEC9B315DC7EF40D95229AA2DE391F681EEE879E2DD4 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 604800 (seconds) TLS session ticket: 0000 - 8c f4 38 72 0e 74 30 34-ee 31 55 29 a4 15 2a b1 ..8r.t04.1U)..*. 0010 - 09 12 46 31 27 7f ae e2-95 84 4b 17 80 64 cb b1 ..F1'.....K..d.. 0020 - d1 03 de af 47 f4 85 9c-6d 3d 17 0d d5 ec ba 02 ....G...m=...... 0030 - 1a aa 2f a0 62 8b d7 9d-66 26 81 77 9a 6b ec d8 ../.b...f&.w.k.. 0040 - 58 b3 a1 0c d9 f7 52 12-ac db 0f 65 d1 9c 9e 8b X.....R....e.... 0050 - d4 e1 91 e8 20 7d 51 3d-e8 0c 1f 23 18 8f 90 14 .... }Q=...#.... 0060 - f7 12 5f 93 31 a5 93 05-73 c4 04 9f 05 8b 55 c9 .._.1...s.....U. 0070 - 40 @ Start Time: 1775006980 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 0 --- read R BLOCK
#
OCSP response of
tanzak.nomadscafe.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.