Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://www.ihep.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=www.ihep.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=www.ihep.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=www.ihep.jp
And you can
check your domain name
.
#
Certificate of
www.ihep.jp
{ "serial": "0AE633EB86326031B0FADA9F83E1A025", "OCSP_serial": null, "OCSP_cert_status": null, "OCSP_this_update": null, "OCSP_next_update": null, "domainName": "www.ihep.jp", "port": 443, "subjectAltName": "DNS:www.ihep.jp", "is_valid": true, "CA": "Amazon", "updated_at": "2024/06/03 09:00:00", "expires_at": "2025/07/04 08:59:59", "today": "2024/11/21 15:41:38", "UTC": { "updated_at": "2024-06-03T00:00:00Z", "expires_at": "2025-07-03T23:59:59Z", "today": "2024-11-21T06:41:38Z" }, "remaining_days": 224 }
#
OCSP response of
www.ihep.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = www.ihep.jp i:C = US, O = Amazon, CN = Amazon RSA 2048 M02 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jun 3 00:00:00 2024 GMT; NotAfter: Jul 3 23:59:59 2025 GMT 1 s:C = US, O = Amazon, CN = Amazon RSA 2048 M02 i:C = US, O = Amazon, CN = Amazon Root CA 1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 23 22:25:30 2022 GMT; NotAfter: Aug 23 22:25:30 2030 GMT 2 s:C = US, O = Amazon, CN = Amazon Root CA 1 i:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: May 25 12:00:00 2015 GMT; NotAfter: Dec 31 01:00:00 2037 GMT 3 s:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 i:C = US, O = "Starfield Technologies, Inc.", OU = Starfield Class 2 Certification Authority a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Sep 2 00:00:00 2009 GMT; NotAfter: Jun 28 17:39:16 2034 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgIQCuYz64YyYDGw+tqfg+GgJTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDYwMzAwMDAwMFoXDTI1MDcwMzIzNTk1OVowFjEU MBIGA1UEAxMLd3d3LmloZXAuanAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDjj/7cOh6Fwd2dwnSlwAdhC9Zi5ZbMl2kSV7EdfAZ8gr5JQRRXmWBLaQsE F2i2oPL/x0T5MgNntinshzZPagbyjp9Gw4TAk6P26ZB90ZNCl2ubUTIHgN9DaWfZ tAQVhZkRIy/zTVEOM5wc/ULjJQV09crS2+ZxQtJ3ItLSu2Po/uTMGTZpeksOWXJH TvdcPIDFhEvOq8zJD6JtFIdrJtLhQMVTjfyTeGxWEnueruMaocTxApm4ptPfCxPX RDlzCfRERR6+ztU3FK+MZo9pYchYH+I6PD3sq+XXzhnbTL4XMC1mRmsxh2m6ytGs McFFt4xD+dYbZxKt/UHazZe50L+tAgMBAAGjggLkMIIC4DAfBgNVHSMEGDAWgBTA MVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUrH1hfhvItNuPZpNqOIYd3iXj cEMwFgYDVR0RBA8wDYILd3d3LmloZXAuanAwEwYDVR0gBAwwCjAIBgZngQwBAgEw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7 BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNv bS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8v b2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9j cnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAA MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgAS8U40vVNyTIQGGcOPP3oT+Oe1 YoeInG0wBYTr5YYmOgAAAY/bllJyAAAEAwBHMEUCIQD3Ik547F6dqUo+nLeH51t9 rUW/iiYiqMGkcvrloIJSbgIgEm1qm8s1iKQMFU0nnOCawX4R7+nkwtX3PF0P2G97 KngAdwB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAY/bllKBAAAE AwBIMEYCIQDkerJgMznEvIOYgxf60IPs2xbOcZSkhBrNFPQHWd7a8AIhAK+bKa+i brKz6t10qxtspIi95OaJhiF/xub3MGPcz6ahAHUA5tIxY0B3jMEQQQbXcbnOwdJA 9paEhvu6hzId/R43jlAAAAGP25ZSkwAABAMARjBEAiAaYdSps8D/aP77PHfNYDge bJPwSqmY9ux7J7PPM3BlSQIgFSDauHyidexIzHpLDDcF/wxElgxA9w0piu+8Ua+F i48wDQYJKoZIhvcNAQELBQADggEBACvtXGLsczCnDGz+2ihCidynWRAO1b8srXOQ gXNr7BTJEpseGQyHNxmiteBteIx8qLhkEbTUBxgWG06Wo6HOx4VFZczCNwVnrkSJ sC+scgvDOsUuqV6x9OMsc7hW+rIvy8Nj9FXV9dhBNRuc1jaWjycR4HCr5/V08ml/ PK+XyrhlANd5i4HCg2uZ0V3HMtjSxlQQ/n00p/h0iYEFYhM1jE+tKLNN5jgPQuhm 4miFAK161Bof2d5Rp562ByzRXrhCR86x8yKTjUOCHSqQO0OjIxUjE+j6/n8jM0mj 91KBnbv6EW+AcbFro/ZaT7JgygAjTEZLGqTYwIyvgnvHbxrt4BQ= -----END CERTIFICATE----- subject=CN = www.ihep.jp issuer=C = US, O = Amazon, CN = Amazon RSA 2048 M02 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA Server Temp Key: ECDH, prime256v1, 256 bits --- SSL handshake has read 5598 bytes and written 448 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: FEB73BC724C2A2ECB841EEFAFDE630CD47E667DB8558D33AFC89440F3CF73F5B Session-ID-ctx: Master-Key: 2A0360FDB1B362F3510C4C5551CBD85D7841711CDC5E709D458C552B46EA3F6AD2A8AD2BC98379C1BF04568A9B6FA827 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 86400 (seconds) TLS session ticket: 0000 - 01 a4 f3 5c 42 fe 41 de-2d 21 b9 b7 19 df 7f f5 ...\B.A.-!...... 0010 - 30 67 70 db bc 94 0d d1-7b f1 bf 28 6b 52 f0 1e 0gp.....{..(kR.. 0020 - e8 9d 31 09 c9 79 e3 42-31 76 a9 28 1e 97 4b 7c ..1..y.B1v.(..K| 0030 - 1f 8c 13 32 00 20 bd 60-03 74 76 e2 aa 71 5c 42 ...2. .`.tv..q\B 0040 - 30 25 e1 4f d4 ae e8 66-da f7 ff ad 07 04 59 17 0%.O...f......Y. 0050 - c3 64 7c a9 f4 78 e2 60-b1 0f 6d da e8 09 63 17 .d|..x.`..m...c. 0060 - 49 22 5e 0b 13 18 2a f5-d7 03 49 bb cf 06 7f ce I"^...*...I..... 0070 - 49 8a e4 e6 33 5a a1 05-40 21 28 76 68 16 d4 47 I...3Z..@!(vh..G 0080 - 23 fe b6 69 ed 85 9a 99-a9 6a #..i.....j Start Time: 1732171298 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes ---
#
OCSP response of
www.ihep.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.