Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://ticket.ctime.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=ticket.ctime.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=ticket.ctime.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=ticket.ctime.jp
And you can
check your domain name
.
#
Certificate of
ticket.ctime.jp
{ "serial": "096E0C3E822D0926AF3177873053A184", "OCSP_serial": null, "OCSP_cert_status": null, "OCSP_this_update": null, "OCSP_next_update": null, "domainName": "ticket.ctime.jp", "port": 443, "subjectAltName": "DNS:ticket.ctime.jp", "is_valid": true, "CA": "Amazon", "updated_at": "2024/08/16 09:00:00", "expires_at": "2025/09/15 08:59:59", "today": "2024/11/21 15:59:37", "UTC": { "updated_at": "2024-08-16T00:00:00Z", "expires_at": "2025-09-14T23:59:59Z", "today": "2024-11-21T06:59:37Z" }, "remaining_days": 297 }
#
OCSP response of
ticket.ctime.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = ticket.ctime.jp i:C = US, O = Amazon, CN = Amazon RSA 2048 M03 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 16 00:00:00 2024 GMT; NotAfter: Sep 14 23:59:59 2025 GMT 1 s:C = US, O = Amazon, CN = Amazon RSA 2048 M03 i:C = US, O = Amazon, CN = Amazon Root CA 1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 23 22:26:04 2022 GMT; NotAfter: Aug 23 22:26:04 2030 GMT 2 s:C = US, O = Amazon, CN = Amazon Root CA 1 i:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: May 25 12:00:00 2015 GMT; NotAfter: Dec 31 01:00:00 2037 GMT 3 s:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 i:C = US, O = "Starfield Technologies, Inc.", OU = Starfield Class 2 Certification Authority a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Sep 2 00:00:00 2009 GMT; NotAfter: Jun 28 17:39:16 2034 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIFyzCCBLOgAwIBAgIQCW4MPoItCSavMXeHMFOhhDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDgxNjAwMDAwMFoXDTI1MDkxNDIzNTk1OVowGjEY MBYGA1UEAxMPdGlja2V0LmN0aW1lLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAuthzIu7Mq7q3CHEmOfEYA6QXsZzexRleFWa8Bo95SFYCx4zbANJq j0+le/vATXGpETW1+wUjUDRWQLhwwZqTU22PVdNkmOMeYTnl7JFdSr96bQ8dn7kO V7TnseZxQ7IPNAp38fDlx4kp5mGqRH4nwVzp5taampIqKI2AH4p5MGHQWaQtN2uD 9kwsoo1N3S48GGdNlZPNYzh+nrA68CYeNwGK9t54bJlf8pCGGb0TsZtSK2d+r/sc KTspOD8XP+bhurXQ/KLzRA5RnLfXl7LjZuUqhtqJA+Rtc3UcE/ICj8vEy8G4Y1fF BZ3va5es3jwNiUWpEU69haUWkvi3Uj5F4QIDAQABo4IC6TCCAuUwHwYDVR0jBBgw FoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFC0tnnU2uqkwohg4X1eN bfU4tR90MBoGA1UdEQQTMBGCD3RpY2tldC5jdGltZS5qcDATBgNVHSAEDDAKMAgG BmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDMuYW1hem9u dHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG IWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq aHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJtMDMuY2VyMAwGA1Ud EwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2ABLxTjS9U3JMhAYZ w48/ehP457Vih4icbTAFhOvlhiY6AAABkViy7vcAAAQDAEcwRQIhAKRUbi1q6hv5 8TPWeCdzPzQB86WntpluJxAfPoTQi9OQAiB0UnQxwwzaMO+ihIQn6Id1EUXhog6y zKf88Rfx/OIJWAB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAAB kViy7zEAAAQDAEgwRgIhAPZbjfKQLCMa/S6mZPQIw5uJ4EcdWk6cBAQPVhApUSLm AiEA4opndw6fpag3aKQI2Dh6tDTbROIYj81EDCtWdhBW8PEAdgDm0jFjQHeMwRBB Btdxuc7B0kD2loSG+7qHMh39HjeOUAAAAZFYsu9PAAAEAwBHMEUCICtINgXl80PR U52dhx9UD45H26zD1I0IhYYmjaOJL7BoAiEAqz15BKeprbwKXhK1nWeKmWxe6cSp 9LV+l2cH8FFQM20wDQYJKoZIhvcNAQELBQADggEBAAwxOF+FgRda0w582eZd9yVo c183qWLMdO4dQNTx4Pe4KuHY2ZWw03wAaxZkybQKjcwel29D0vL9PPC9Ny5c5LHH xuyQEGEpwdPZjnRqLyTIYii5TuNcNtIq1ZwvKoFfKKbh5oUTm28q0U+kkLJp+ADN wC0LMC2EjiV71zCQGErwYIODu8VDKSSGP/hQph41i3TQFR+OVgCzXrC54zgNSsnl YqoDK0QyV5/1aPZz/9jwKFirQEFxIYG7r3eHdXNvuiwHhOn3aNVCEJhSk7zicjui 99YRCwMpZ0QlQkDGY0iRSGAD4OSOlfAfBIorDhHuu3347CFEsZAx/PJaq5vLZMY= -----END CERTIFICATE----- subject=CN = ticket.ctime.jp issuer=C = US, O = Amazon, CN = Amazon RSA 2048 M03 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA Server Temp Key: ECDH, prime256v1, 256 bits --- SSL handshake has read 5607 bytes and written 452 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 53E711C73FB245E8B0C5D7F63694806D4A7490B5269F8BE25F77AE7CCC6A416B Session-ID-ctx: Master-Key: D1578912834020A19AFEDF1E39F03B649DB36614A31799D519263A0859FAF46AA47AA7D93C4AB4CE24C7E6F3E646C802 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 86400 (seconds) TLS session ticket: 0000 - 01 b6 f8 89 6b 30 89 1b-eb 60 d2 e6 7e 10 07 11 ....k0...`..~... 0010 - ae 4d 47 be 7e 87 da 8b-4e 91 60 d2 ec 2a 76 b1 .MG.~...N.`..*v. 0020 - 20 88 74 95 47 d2 b6 0f-9e ae 79 f3 8a 48 ed 8e .t.G.....y..H.. 0030 - e9 fc 4e 5b 2c 67 a0 49-a1 5f 22 3b 29 ef 73 5f ..N[,g.I._";).s_ 0040 - d6 da 1d 97 a8 7d c0 c9-15 c5 be 59 76 10 ba f5 .....}.....Yv... 0050 - 95 1a 7b 22 03 ec 17 64-cf c9 62 4f 25 71 a7 79 ..{"...d..bO%q.y 0060 - d2 2e 90 81 bb 43 97 ba-e2 7e e6 9b 78 1c 37 81 .....C...~..x.7. 0070 - 01 bf 37 c9 fe cb 2b 80-9e 86 f6 eb be d6 3e 24 ..7...+.......>$ 0080 - f2 26 70 ed d4 67 80 26-4f 6f .&p..g.&Oo Start Time: 1732172377 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes ---
#
OCSP response of
ticket.ctime.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.