Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://www.circumflex.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=www.circumflex.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=www.circumflex.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=www.circumflex.jp
And you can
check your domain name
.
#
Certificate of
www.circumflex.jp
{ "serial": "4CA0DC4A323ABA970A2D4CC62BCBFD22", "OCSP_serial": "4CA0DC4A323ABA970A2D4CC62BCBFD22", "OCSP_cert_status": "good", "OCSP_this_update": "Nov 16 20:05:06 2024 GMT", "OCSP_next_update": "Nov 23 19:05:05 2024 GMT", "domainName": "www.circumflex.jp", "port": 443, "subjectAltName": "DNS:utahfishtaxidermy.com, DNS:zeamen.com, DNS:www.app.leadfrompurpose.org, DNS:static.3rdanniversary.ac-pocketcamp.com, DNS:www.prevalentprops.com, DNS:www.135pixels.com, DNS:app.pro.trainsweateat.com, DNS:www.tradenal.com, DNS:south32-app.geneowebapp.com, DNS:intraspace.suitefeedback.com, DNS:www.worldallstars.com, DNS:invite.waidy.it, DNS:www.tatomaki.com, DNS:rtredes.com.br, DNS:recipes.johnjohn.dev, DNS:www.lehotzky.com, DNS:smoothe.in, DNS:bingotown.fun, DNS:crda.in, DNS:www.nimrooz.de, DNS:hdigitallab.ru, DNS:www.sectrkuttikad.com, DNS:formulieren.mooikliniek.nl, DNS:app.myxline.fi, DNS:family.spiders.fun, DNS:www.mobileflavour.com, DNS:frostyfriendsclub.io, DNS:portal.billgenerator.in, DNS:beta2.tartansoft.com, DNS:training.sundaysandseasons.com, DNS:logiblox.com, DNS:www.aara.co.in, DNS:admin.newsum.in, DNS:softharbour.io, DNS:playback.hxinnovationsinc.com, DNS:www.bingotown.fun, DNS:www.koma-tour.fun, DNS:www.qultah.com, DNS:www.marinyman.com, DNS:profil.t3i.fr, DNS:plotpilot.co.ke, DNS:hon-q.com, DNS:vuyap.com, DNS:www.eriosearch.com, DNS:profile.t3i.fr, DNS:admin.sellingcommunity.com, DNS:www.circumflex.jp, DNS:menunuzburada.com, DNS:nexmo.dwane.io, DNS:www.kpelz.eu, DNS:fromzodi.com, DNS:embed.seens.io, DNS:v2.staging.weezer.fr, DNS:anek.org, DNS:stardewna.me, DNS:app.brnkl.io, DNS:csspl.net, DNS:seerde.net, DNS:tokyo-esports-high.selforder.live, DNS:pulse.watermelon.co, DNS:kfz-gutachten-kaplan.de, DNS:hackvlc.es, DNS:app.keruu.fi, DNS:rimo-trogen.com, DNS:blog.pawanhegde.com, DNS:www.fembelling.live, DNS:opicup.com, DNS:arjien-malikzada.de, DNS:portal.riyo.io, DNS:ping.mss.io, DNS:core-pharmacy.pharmacloud.jp, DNS:gulshandynastymoradabad.online, DNS:www.natechristie.love, DNS:halvad-dham.org, DNS:uzumoren.zeplinx.com, DNS:mycancerteams.org, DNS:pita.hrtech.com.br, DNS:artship.co.uk, DNS:www.mukherjeegonzalez.com.mx, DNS:tlpp.me, DNS:www.skate-team.info, DNS:brickler.app, DNS:www.cashjar.app, DNS:eleosworld.co.uk, DNS:bsbpay-antigo.xptoconsig.com.br, DNS:view.soft.events, DNS:links.physicswallah.live, DNS:versionbetatest.org, DNS:www.painelimoveis.com, DNS:store.r42.ca, DNS:www.nextops.io, DNS:toslide.com, DNS:www.amber-living.de, DNS:link.atuprinet.ch, DNS:www.xianwang.io, DNS:links.mundoautomovel.co.mz, DNS:online.vedeckyctyrboj.cz, DNS:kuwaitinside.news, DNS:www.melbite.com, DNS:thisonetest.worky.mx", "is_valid": true, "CA": "Google Trust Services", "updated_at": "2024/10/24 01:51:25", "expires_at": "2025/01/22 02:48:23", "today": "2024/11/21 15:24:29", "UTC": { "updated_at": "2024-10-23T16:51:25Z", "expires_at": "2025-01-21T17:48:23Z", "today": "2024-11-21T06:24:29Z" }, "remaining_days": 61 }
#
OCSP response of
www.circumflex.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: C781F5FD8E88D9003C4D63A2503124A0CE23FE23 Produced At: Nov 16 20:05:06 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 12AB48B9B763DA7E2D86C3DBB3C2773B29372D5A Issuer Key Hash: C781F5FD8E88D9003C4D63A2503124A0CE23FE23 Serial Number: 4CA0DC4A323ABA970A2D4CC62BCBFD22 Cert Status: good This Update: Nov 16 20:05:06 2024 GMT Next Update: Nov 23 19:05:05 2024 GMT Signature Algorithm: sha256WithRSAEncryption Signature Value: 74:a2:0b:09:9e:19:30:44:02:b3:f0:6c:97:49:33:89:c3:23: ac:ec:25:4d:db:b1:31:23:84:f7:52:85:1a:97:da:cf:8c:a3: e8:67:5d:63:6f:cf:e4:91:fd:ef:bd:0c:f3:d7:82:c4:19:2f: 39:64:ec:21:78:10:25:23:ff:b2:db:00:b8:0f:89:e7:3e:b7: f5:4b:0d:15:c8:59:e3:4a:11:07:de:58:7b:bf:e1:94:55:03: e0:c7:92:2f:8b:c2:23:4c:21:fa:9a:a5:f2:fc:aa:15:42:42: 25:6f:48:d9:db:e8:d1:6e:c9:28:e2:c5:62:50:47:24:7b:0f: 1d:6f:c6:e3:a1:f2:cc:7c:6f:fd:20:73:b7:05:9c:a7:6e:ad: 23:26:79:e2:71:cb:7c:51:17:22:08:de:45:33:6b:20:24:8f: ae:fe:8a:ba:9b:98:55:ea:cc:12:91:3d:04:65:5c:14:1a:0e: 0d:b0:50:80:87:31:d9:e5:d7:b6:20:e0:b9:61:f6:56:29:06: aa:29:1f:d3:57:6c:ae:a9:06:9b:27:88:ef:22:6a:a5:50:0f: d6:49:01:27:ee:60:08:ef:b5:dc:61:ec:d6:0e:96:2f:6e:c3: a3:2e:0f:28:1b:c7:d7:d4:23:e7:58:ea:58:9f:da:8e:9c:99: 66:62:38:c1 ====================================== --- Certificate chain 0 s:CN = utahfishtaxidermy.com i:C = US, O = Google Trust Services, CN = WR3 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Oct 23 16:51:25 2024 GMT; NotAfter: Jan 21 17:48:23 2025 GMT 1 s:C = US, O = Google Trust Services, CN = WR3 i:C = US, O = Google Trust Services LLC, CN = GTS Root R1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Dec 13 09:00:00 2023 GMT; NotAfter: Feb 20 14:00:00 2029 GMT 2 s:C = US, O = Google Trust Services LLC, CN = GTS Root R1 i:C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256 v:NotBefore: Jun 19 00:00:42 2020 GMT; NotAfter: Jan 28 00:00:42 2028 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIMzDCCC7SgAwIBAgIQTKDcSjI6upcKLUzGK8v9IjANBgkqhkiG9w0BAQsFADA7 MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMQww CgYDVQQDEwNXUjMwHhcNMjQxMDIzMTY1MTI1WhcNMjUwMTIxMTc0ODIzWjAgMR4w HAYDVQQDExV1dGFoZmlzaHRheGlkZXJteS5jb20wggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDSIDj51QpaAyxyMLB6KzB6Dj8DTy7Gt8co3AacDr/P443t nK1ZoCC/H6r4RKqCB9U5jrxiCwSJOcegOGmCCtatvrYJ/8cF6LrMPjC4kAIVEzgq 1IpYcgWyP2MthqppaIib8LPih+znXBICLEjz2WWEwD2n79SJq3tfdjediGt/F8FD glFPqOfk73xzyq/YywJbdk1OhvlZHpYnEFLZBaT/+1UwyM5OGLr3BqHXdsgVyCXe kGUP/K5ELQn33VOpZX0JiBXXJTW2yHj0IRdkPzaNeq0ThQJQnZVHgbCtGFymhrHN w6uFPIQ+diUcvYucRtDYkkpF0Yw56A6xV2Vzd76BAgMBAAGjggnlMIIJ4TAOBgNV HQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAd BgNVHQ4EFgQUBqnc2RQ9UPUbmO223RHnvRa3DPwwHwYDVR0jBBgwFoAUx4H1/Y6I 2QA8TWOiUDEkoM4j/iMwXgYIKwYBBQUHAQEEUjBQMCcGCCsGAQUFBzABhhtodHRw Oi8vby5wa2kuZ29vZy9zL3dyMy9US0EwJQYIKwYBBQUHMAKGGWh0dHA6Ly9pLnBr aS5nb29nL3dyMy5jcnQwgge0BgNVHREEggerMIIHp4IVdXRhaGZpc2h0YXhpZGVy bXkuY29tggp6ZWFtZW4uY29tght3d3cuYXBwLmxlYWRmcm9tcHVycG9zZS5vcmeC J3N0YXRpYy4zcmRhbm5pdmVyc2FyeS5hYy1wb2NrZXRjYW1wLmNvbYIWd3d3LnBy ZXZhbGVudHByb3BzLmNvbYIRd3d3LjEzNXBpeGVscy5jb22CGWFwcC5wcm8udHJh aW5zd2VhdGVhdC5jb22CEHd3dy50cmFkZW5hbC5jb22CG3NvdXRoMzItYXBwLmdl bmVvd2ViYXBwLmNvbYIcaW50cmFzcGFjZS5zdWl0ZWZlZWRiYWNrLmNvbYIVd3d3 LndvcmxkYWxsc3RhcnMuY29tgg9pbnZpdGUud2FpZHkuaXSCEHd3dy50YXRvbWFr aS5jb22CDnJ0cmVkZXMuY29tLmJyghRyZWNpcGVzLmpvaG5qb2huLmRldoIQd3d3 LmxlaG90emt5LmNvbYIKc21vb3RoZS5pboINYmluZ290b3duLmZ1boIHY3JkYS5p boIOd3d3Lm5pbXJvb3ouZGWCDmhkaWdpdGFsbGFiLnJ1ghV3d3cuc2VjdHJrdXR0 aWthZC5jb22CGmZvcm11bGllcmVuLm1vb2lrbGluaWVrLm5sgg5hcHAubXl4bGlu ZS5maYISZmFtaWx5LnNwaWRlcnMuZnVughV3d3cubW9iaWxlZmxhdm91ci5jb22C FGZyb3N0eWZyaWVuZHNjbHViLmlvghdwb3J0YWwuYmlsbGdlbmVyYXRvci5pboIU YmV0YTIudGFydGFuc29mdC5jb22CHnRyYWluaW5nLnN1bmRheXNhbmRzZWFzb25z LmNvbYIMbG9naWJsb3guY29tgg53d3cuYWFyYS5jby5pboIPYWRtaW4ubmV3c3Vt Lmlugg5zb2Z0aGFyYm91ci5pb4IdcGxheWJhY2suaHhpbm5vdmF0aW9uc2luYy5j b22CEXd3dy5iaW5nb3Rvd24uZnVughF3d3cua29tYS10b3VyLmZ1boIOd3d3LnF1 bHRhaC5jb22CEXd3dy5tYXJpbnltYW4uY29tgg1wcm9maWwudDNpLmZygg9wbG90 cGlsb3QuY28ua2WCCWhvbi1xLmNvbYIJdnV5YXAuY29tghJ3d3cuZXJpb3NlYXJj aC5jb22CDnByb2ZpbGUudDNpLmZyghphZG1pbi5zZWxsaW5nY29tbXVuaXR5LmNv bYIRd3d3LmNpcmN1bWZsZXguanCCEW1lbnVudXpidXJhZGEuY29tgg5uZXhtby5k d2FuZS5pb4IMd3d3LmtwZWx6LmV1ggxmcm9tem9kaS5jb22CDmVtYmVkLnNlZW5z LmlvghR2Mi5zdGFnaW5nLndlZXplci5mcoIIYW5lay5vcmeCDHN0YXJkZXduYS5t ZYIMYXBwLmJybmtsLmlvggljc3NwbC5uZXSCCnNlZXJkZS5uZXSCIXRva3lvLWVz cG9ydHMtaGlnaC5zZWxmb3JkZXIubGl2ZYITcHVsc2Uud2F0ZXJtZWxvbi5jb4IX a2Z6LWd1dGFjaHRlbi1rYXBsYW4uZGWCCmhhY2t2bGMuZXOCDGFwcC5rZXJ1dS5m aYIPcmltby10cm9nZW4uY29tghNibG9nLnBhd2FuaGVnZGUuY29tghN3d3cuZmVt YmVsbGluZy5saXZlggpvcGljdXAuY29tghNhcmppZW4tbWFsaWt6YWRhLmRlgg5w b3J0YWwucml5by5pb4ILcGluZy5tc3MuaW+CHGNvcmUtcGhhcm1hY3kucGhhcm1h Y2xvdWQuanCCHmd1bHNoYW5keW5hc3R5bW9yYWRhYmFkLm9ubGluZYIVd3d3Lm5h dGVjaHJpc3RpZS5sb3Zlgg9oYWx2YWQtZGhhbS5vcmeCFHV6dW1vcmVuLnplcGxp bnguY29tghFteWNhbmNlcnRlYW1zLm9yZ4IScGl0YS5ocnRlY2guY29tLmJygg1h cnRzaGlwLmNvLnVrghx3d3cubXVraGVyamVlZ29uemFsZXouY29tLm14ggd0bHBw Lm1lghN3d3cuc2thdGUtdGVhbS5pbmZvggxicmlja2xlci5hcHCCD3d3dy5jYXNo amFyLmFwcIIQZWxlb3N3b3JsZC5jby51a4IfYnNicGF5LWFudGlnby54cHRvY29u c2lnLmNvbS5icoIQdmlldy5zb2Z0LmV2ZW50c4IYbGlua3MucGh5c2ljc3dhbGxh aC5saXZlghN2ZXJzaW9uYmV0YXRlc3Qub3JnghV3d3cucGFpbmVsaW1vdmVpcy5j b22CDHN0b3JlLnI0Mi5jYYIOd3d3Lm5leHRvcHMuaW+CC3Rvc2xpZGUuY29tghN3 d3cuYW1iZXItbGl2aW5nLmRlghFsaW5rLmF0dXByaW5ldC5jaIIPd3d3LnhpYW53 YW5nLmlvghpsaW5rcy5tdW5kb2F1dG9tb3ZlbC5jby5teoIYb25saW5lLnZlZGVj a3ljdHlyYm9qLmN6ghFrdXdhaXRpbnNpZGUubmV3c4IPd3d3Lm1lbGJpdGUuY29t ghR0aGlzb25ldGVzdC53b3JreS5teDATBgNVHSAEDDAKMAgGBmeBDAECATA2BgNV HR8ELzAtMCugKaAnhiVodHRwOi8vYy5wa2kuZ29vZy93cjMvVDl2RjNsZ3FUd0Eu Y3JsMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYAzxFW7tUufK/zh1vZaS6b6Rpx Z0qwF+ysAdJbd87MOwgAAAGSuoFCsgAABAMARzBFAiEAuU3w3jzcK+ZRcCq0gkpx AKQPGG7ciM8XIdcxCz8sMFUCIEZ7v4Lg5CdmjuZyIuA0ttyMHOD18fY5WrGgDo/W oaLVAHcAouMK5EXvva2bfjjtR2d3U9eCW4SU1yteGyzEuVCkR+cAAAGSuoFCkgAA BAMASDBGAiEAlo0QvBcyfPUIwr9OdAGM1/heMGzBcIUklrYIJRtTEV4CIQDyRttC Hs5BzszuDm9bA0oWrgPaSMjTt/A6wpMEGIH//jANBgkqhkiG9w0BAQsFAAOCAQEA J5j4UD6QkuIwN40/5MXL79tsIaTMKO0TWKxmm6lIuJODEHFpO2xwM8aCyXn/DYav IKRLtgmbFeLs9xzUzIeJdPWfB0Up/nVn/Pg+txofU66fYZGoD3d9AeLUCQMEebBJ jZUDm4DvEorcnxHGOVOFE1lRs+IgJ9KOnFQxJDGgrlQWxiHNDVME1/DQ47BkSIep 7k2uVUHoDTD6hEFubzBiRU76ffkQNAsVZyYso41Dt3fxk+vkelehxYpPKFzxIIBo iQlrKswC4McCi3Dj0CKvYVqO2SczoSoBY2poT2j+UR3tlxNqPDYWhys3+UQcv0Mu GnIlxKT15Yb01KDlIyQvYQ== -----END CERTIFICATE----- subject=CN = utahfishtaxidermy.com issuer=C = US, O = Google Trust Services, CN = WR3 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 6990 bytes and written 392 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_128_GCM_SHA256 Session-ID: B2EF27573CCB7150C56B690698897358E0CDB6B43078A173B2D269B1F193735E Session-ID-ctx: Resumption PSK: D71B5D196AA0D1FE4DEFCD3F4ACCF5239CAAE68EEA12B850F55E6C87479D03D9 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 86400 (seconds) TLS session ticket: 0000 - fb 23 4e 72 65 e3 6e e1-56 58 b2 94 0a ce 28 ba .#Nre.n.VX....(. 0010 - e5 60 a0 d0 43 da d6 24-48 ce 7d d4 9f 18 55 68 .`..C..$H.}...Uh 0020 - 78 47 1b 02 d9 1c 89 4f-da c1 d6 a8 c1 bf 79 12 xG.....O......y. 0030 - 7c e1 6c 45 f6 d2 99 de-53 7c a8 1c 2e ff 46 fe |.lE....S|....F. 0040 - f5 38 c7 6b 17 86 fa 64-ac b2 8a 73 06 32 c2 7b .8.k...d...s.2.{ 0050 - 07 7b 8a 99 85 b8 20 c1-10 6f fb e0 1b 22 5f 3c .{.... ..o..."_< 0060 - 7d 35 a4 45 fa b7 d8 45-40 56 8f 73 e5 3c fc de }5.E...E@V.s.<.. 0070 - ee 74 54 cf 12 a7 1f af-e2 51 08 cc 99 60 d7 45 .tT......Q...`.E 0080 - 13 6a b0 77 1d 35 90 90-7a 4e d1 4d e5 a6 56 61 .j.w.5..zN.M..Va 0090 - e3 c8 c1 fb c7 c0 ce 9e-a6 4d 9c 77 26 21 80 42 .........M.w&!.B Start Time: 1732170270 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 0 --- read R BLOCK
#
OCSP response of
www.circumflex.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.