Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://www.riken-suuri.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=www.riken-suuri.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=www.riken-suuri.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=www.riken-suuri.jp
And you can
check your domain name
.
#
Certificate of
www.riken-suuri.jp
{ "serial": "031DB6CC199E8231CB21563D526D6D4D", "OCSP_serial": "031DB6CC199E8231CB21563D526D6D4D", "OCSP_cert_status": "good", "OCSP_this_update": "Nov 20 10:03:02 2024 GMT", "OCSP_next_update": "Nov 27 09:03:02 2024 GMT", "domainName": "www.riken-suuri.jp", "port": 443, "subjectAltName": "DNS:www.riken-suuri.jp", "is_valid": true, "CA": "DigiCert Inc", "updated_at": "2024/07/17 09:00:00", "expires_at": "2025/07/18 08:59:59", "today": "2024/11/21 15:58:41", "UTC": { "updated_at": "2024-07-17T00:00:00Z", "expires_at": "2025-07-17T23:59:59Z", "today": "2024-11-21T06:58:41Z" }, "remaining_days": 238 }
#
OCSP response of
www.riken-suuri.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: B76BA2EAA8AA848C79EAB4DA0F98B2C59576B9F4 Produced At: Nov 20 10:19:24 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: E4E395A229D3D4C1C31FF0980C0B4EC0098AABD8 Issuer Key Hash: B76BA2EAA8AA848C79EAB4DA0F98B2C59576B9F4 Serial Number: 031DB6CC199E8231CB21563D526D6D4D Cert Status: good This Update: Nov 20 10:03:02 2024 GMT Next Update: Nov 27 09:03:02 2024 GMT Signature Algorithm: sha256WithRSAEncryption Signature Value: 00:cd:66:64:ed:13:de:8e:aa:45:83:bd:1f:8c:8c:df:54:53: f1:28:7b:e6:59:09:18:cd:f1:dc:dd:76:0b:1c:5b:b6:06:7a: a3:72:aa:11:4b:c9:9d:28:a5:64:25:c0:e8:b1:38:20:4e:db: db:b2:9a:1f:87:ee:af:6c:8a:5c:a7:e5:cd:d5:ee:53:84:e7: dc:7d:3d:1c:47:d3:24:0c:a6:22:0b:56:81:0d:06:11:de:21: b4:80:05:e7:4f:e1:0b:3b:ca:c1:1f:77:56:1b:fd:05:14:5d: d7:de:37:3a:19:ff:56:a9:b8:94:6c:36:38:66:5f:d1:45:56: 93:0d:9d:6e:56:bf:bb:d9:fa:94:c0:fe:33:00:09:1c:77:7f: 57:06:97:d6:22:25:4f:64:05:e0:50:fd:54:35:13:87:98:7c: 49:8a:f3:6b:c6:17:46:e9:d2:7f:1c:66:d9:96:16:d6:04:d5: 93:f5:48:57:fa:05:78:a8:f6:0b:5a:4b:70:79:82:2d:ad:4e: 98:5e:af:fc:93:f6:7d:d5:d0:8f:39:20:07:27:99:b7:a0:61: 36:4d:6f:46:60:1a:25:c4:e3:52:bc:31:c0:ce:48:4e:c5:32: 23:3a:d3:4b:a9:66:e6:38:c6:88:83:2b:4f:b2:00:93:fc:3d: 75:70:d4:cd ====================================== --- Certificate chain 0 s:C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = www.riken-suuri.jp i:C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jul 17 00:00:00 2024 GMT; NotAfter: Jul 17 23:59:59 2025 GMT 1 s:C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Apr 14 00:00:00 2021 GMT; NotAfter: Apr 13 23:59:59 2031 GMT 2 s:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA1 v:NotBefore: Nov 10 00:00:00 2006 GMT; NotAfter: Nov 10 00:00:00 2031 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIGwzCCBaugAwIBAgIQAx22zBmegjHLIVY9Um1tTTANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yNDA3MTcwMDAwMDBa Fw0yNTA3MTcyMzU5NTlaMHExCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y YXRpb24xGzAZBgNVBAMTEnd3dy5yaWtlbi1zdXVyaS5qcDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALiixWFvepOqB0hu4lBPQ8lNmMs798a3NcB/yA0B 7KEAEnHWzdTCjjgplizA8cxbyDx+o+OPQZOtPhFYlWPf3vmco0crv5XBn/JOShok QtTfweBdNUD6TbpJdNLCnLfWwotRQCold0Dh8xdWPzEhvE2rmBHkaLAtBOATpIB9 Z3wuBk/WRl16UqquRKGyGUg9eytqcVj8VugLjHSIhpUsvkpgn1z224MyyCAon1PN 9t+0Ah7JP0lLDwUWRdvdYTq1uDoHsgOsAbc8oKCBSyE5imopBO3ynPuDbwliVUUv J8bgU5pXLS9mX16n966RQCzR68Eh9JDQfkbhdhVr+/8x6nECAwEAAaOCA3cwggNz MB8GA1UdIwQYMBaAFLdrouqoqoSMeeq02g+YssWVdrn0MB0GA1UdDgQWBBTd1wvT rp2z4h4nRxH6gLBeDLNunTAdBgNVHREEFjAUghJ3d3cucmlrZW4tc3V1cmkuanAw PgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5k aWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwgY8GA1UdHwSBhzCBhDBAoD6gPIY6aHR0cDovL2NybDMu ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS00LmNybDBA oD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hB MjU2MjAyMENBMS00LmNybDB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUHMAGGGGh0 dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDovL2NhY2Vy dHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS0xLmNy dDAMBgNVHRMBAf8EAjAAMIIBgAYKKwYBBAHWeQIEAgSCAXAEggFsAWoAdwAS8U40 vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZC+ZK++AAAEAwBIMEYCIQCL zjrIowLraXRW7E6xaJxzTgZ0WkubkDi3gwS/gmRgdAIhAP0JT+pZduAjr9Yy8l21 4St7TfR5P0nGDdy0TCLVN+FGAHYAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/Z DowuebgAAAGQvmSvfQAABAMARzBFAiEA0UyX3PfyLbWhgydwdm+DFUQE/t2PleRs GxS1R8fP0cgCIFw9GEci8PzrzgFqWLStrVhFtsJ0NwEXEhaCFukXcuZcAHcAzPsP aoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGQvmSvhwAABAMASDBGAiEA /YZXLqrnstJm2olnH+5o5JStBmZ1PdTJC8h6WMBkIpwCIQC7hZfqPLBG416nEcDI dkXiQADeRnSLFeQiQneTbNw2AzANBgkqhkiG9w0BAQsFAAOCAQEAn+wrGNgQ+M3L ix6lulIxTaIKf6veYqh41wBVHUU8UTvVUOOBX5p3D/SH9PWbHaLNE2CEeDdwlUPL HAXw0t4DH0owhs2oyuK7E/RgvjYQSdmLruGtYou7YBlK1P/4CFTrPoLFizuVDmLZ b1DnXnP0q/IFaio3SRi1CZiFoi6YN//JrF1XsMpCf9eExvsHgvNNdLh6rBU9jFkO kLnIwh3VO5XLGDa1ZvOO72uJtrgi6J0L5uhCazhVz8/hjyq4D67jdxi1nS4u+c8D cjCq378bnwAbkq3xTa9WcW7I/4Dk3v2U6+WCwbtj3lRzYVO8UfAA9OTsBDrWwhg2 /ZbvsZesnw== -----END CERTIFICATE----- subject=C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = www.riken-suuri.jp issuer=C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: ECDH, prime256v1, 256 bits --- SSL handshake has read 5075 bytes and written 771 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---
#
OCSP response of
www.riken-suuri.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.