Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://www.kepura.com
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=www.kepura.com
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=www.kepura.com
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=www.kepura.com
And you can
check your domain name
.
#
Certificate of
www.kepura.com
{ "serial": "0EB12C54D712CBEC72074934D8F8FAE1", "OCSP_serial": null, "OCSP_cert_status": null, "OCSP_this_update": null, "OCSP_next_update": null, "domainName": "www.kepura.com", "port": 443, "subjectAltName": "DNS:*.kepura.com, DNS:kepura.com", "is_valid": true, "CA": "Amazon", "updated_at": "2026/02/13 09:00:00", "expires_at": "2027/03/15 08:59:59", "today": "2026/04/01 10:29:59", "UTC": { "updated_at": "2026-02-13T00:00:00Z", "expires_at": "2027-03-14T23:59:59Z", "today": "2026-04-01T01:29:59Z" }, "remaining_days": 347 }
#
OCSP response of
www.kepura.com
from OCSP Stapling
CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = *.kepura.com i:C = US, O = Amazon, CN = Amazon RSA 2048 M01 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Feb 13 00:00:00 2026 GMT; NotAfter: Mar 14 23:59:59 2027 GMT 1 s:C = US, O = Amazon, CN = Amazon RSA 2048 M01 i:C = US, O = Amazon, CN = Amazon Root CA 1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 23 22:21:28 2022 GMT; NotAfter: Aug 23 22:21:28 2030 GMT 2 s:C = US, O = Amazon, CN = Amazon Root CA 1 i:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: May 25 12:00:00 2015 GMT; NotAfter: Dec 31 01:00:00 2037 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIFzTCCBLWgAwIBAgIQDrEsVNcSy+xyB0k02Pj64TANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTI2MDIxMzAwMDAwMFoXDTI3MDMxNDIzNTk1OVowFzEV MBMGA1UEAwwMKi5rZXB1cmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAwn2m+iye2KBS2BBtL1jE8N1iCA8Xwr3JxuHRF0izDUdqvhgo2NNyUZk8 4G50Oy7OqJzQ518iVkVGIKzUkUwsSFTZGoAbpg/ltyYPju4wyHRiixjnnZMEXjZk lowsqqPJYTUqNfKYL+28pC/67m11YQ5dAMyIIiBhQUrs+29tXSkUXCtJZWWKnZ+n PdEo6o7z6ryvQMCNTMN4mbY+r99FNMPbydGSceeTttG6V4sFozb3iGMkA9i7H/6a kz+vwegp+fmQ6j84okD9QXxhW5FUcU7BYK6cN7Kv/Kq9Kh7A/co53aIacBHsEvWo moBOxknZzsQz7eo62Syem9ncdN+YCwIDAQABo4IC7jCCAuowHwYDVR0jBBgwFoAU gbgOY4qJEhjl+js7UJWf5uWQE4UwHQYDVR0OBBYEFOOvh1K97RwRJQdlizWlnblt 7Wu6MCMGA1UdEQQcMBqCDCoua2VwdXJhLmNvbYIKa2VwdXJhLmNvbTATBgNVHSAE DDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUH AwEwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMS5hbWF6b250cnVz dC5jb20vcjJtMDEuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0 cDovL29jc3AucjJtMDEuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRw Oi8vY3J0LnIybTAxLmFtYXpvbnRydXN0LmNvbS9yMm0wMS5jZXIwDAYDVR0TAQH/ BAIwADCCAYUGCisGAQQB1nkCBAIEggF1BIIBcQFvAHUATGPcmOWcHauI9h6KPd6u j6tEozd7X5uUw/uhnPzBviYAAAGcVGU4HAAABAMARjBEAiBUNk3fClSqWdxNhcsd +pqrJe4UqgnuAZ9yVGh85Fp21QIgEhTfX3ADmfgn8i9CpdjPK/FgTeAsRZoQTqn4 WpS7uiMAdgAcn2gs6frwRWlQ+BuWiofd2zIQ2EzmyLLjglJKxM9ZnwAAAZxUZTg6 AAAEAwBHMEUCIHWdb2gxS7PJmccU5/5Y4vQVraS6wQRi1ZCt4HcIJvT4AiEA/yDk N+s4gVAPntyb1Ztv5y/F8sab+Udy4Y+m9e4lfngAfgCOykcLrN5q86IGsKR6hLdG /h/Gv5U+JeabTuQCSPPG6AAAAZxUZTjNAAgAAAUAAqmTNwQDAEcwRQIgVBC1Ev4g MQUeDgxwkatSeuHpdziW/nJXdDxSHi4K6ZgCIQDA86gI1VHv2/YtU5tpGeoKjRmw xshmVxpa6cfDMDTj8zANBgkqhkiG9w0BAQsFAAOCAQEAov9pVc5EPlwYMcbAOZLj cCUyd0NHI8BtW42CLSbSqV+f60wYyynWJegqTnHyfW9dQGekh9KQNlILwl0uDYGC waJZQ4nOJl/4diLxkpsE2zFuaFTBrSIIrcW3sO2Nj/sz9hai40iaRRv4Ej4QkVtv FMKQjWQOtdl9wDWmZsfXNvLcYDUTyZfgd8Zit85IWuf55D5yc5FY/Z+X1VQSzoq5 vyd8SbphiErDHHoh1LrVRbIxfjsuEbs5Tc8rohjTK/64aNGbLHuQbWHZ4cW2WmvR MPjsXjkY/0GOna+79EP4nAmI6+qRCtuydc7W84wxJiKaZIKuaH/HFvEkli2BYETt +Q== -----END CERTIFICATE----- subject=CN = *.kepura.com issuer=C = US, O = Amazon, CN = Amazon RSA 2048 M01 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA Server Temp Key: ECDH, prime256v1, 256 bits --- SSL handshake has read 4461 bytes and written 451 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 4491FE3A0136AA230805C22C91A684BD115CCE26D741AF9B24BD456A5C7B0882 Session-ID-ctx: Master-Key: D01480765349C53E70E7DB6C5DFE7F7560939E7F20A419B71E80F7DE998FBFAF6DF1BD0D9E2ED7CC1995BF1B6F746272 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 43432 (seconds) TLS session ticket: 0000 - 01 08 f0 59 c7 9b 26 a9-8c 62 06 46 50 9f 07 1b ...Y..&..b.FP... 0010 - b8 5c df 61 34 1d 52 bf-d5 f6 f6 da e1 e2 60 51 .\.a4.R.......`Q 0020 - 71 68 89 14 35 19 3b 88-07 81 d5 78 12 c4 0d 78 qh..5.;....x...x 0030 - bc 29 14 8c b2 7b 7d cf-c7 01 d9 80 79 9e 3e 40 .)...{}.....y.>@ 0040 - f5 6b be d1 f9 ad b4 0f-11 e7 eb a4 e8 6a 91 5d .k...........j.] 0050 - 47 19 61 d4 f4 40 30 ff-0e 13 05 71 92 02 ce c8 G.a..@0....q.... 0060 - c9 46 10 90 21 76 25 26-65 12 9e e1 8d 17 df 06 .F..!v%&e....... 0070 - e2 a6 f1 21 42 38 31 c5-cf 06 fe c3 93 f4 09 f3 ...!B81......... 0080 - ae 91 a1 d8 50 d0 96 26-27 98 ....P..&'. Start Time: 1775007000 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes ---
#
OCSP response of
www.kepura.com
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.