CRL & OCSP report for www.oaticerts.com (Open Access Technology International Inc)

www.oaticerts.com

This certificate was cached at
Certificate details for www.oaticerts.com (At position 0 in certificate chain)
Serial number:
hex: 4e098964000000001045
int: 368520506398376579829829
Issued by: webCARES Issuing CA 2013
Not valid before:
Not valid after:
Organization: Open Access Technology International Inc
Organization unit: OATI
State / Province: MN
Locality: Minneapolis
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://certs.oaticerts.com/repository/OATIIA2013.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://certs.oaticerts.com/repository/OATIIA2013.crl
Size: 141852 bytes (DER data)
Response time: 901.216311ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 4342

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Microsoft-IIS/7.5

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=900]
Content-Length: [141852]
Content-Type: [application/pkix-crl]
Date: [Tue, 08 Dec 2015 15:42:44 GMT]
Etag: ["67e55997ca31d11:0"]
Last-Modified: [Tue, 08 Dec 2015 15:10:36 GMT]
Server: [Microsoft-IIS/7.5]
X-Powered-By: [ASP.NET]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
(STAPLED)Good

OCSP response information

Source: Stapled OCSP reponse from Server
Size: 2453 bytes (DER data)
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: webCARES Issuing OCSP 2015
Issued by: webCARES Issuing CA 2013
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Raw OCSP request (PEM encoded)



Raw OCSP response (PEM encoded)
-----BEGIN OCSP RESPONSE-----
MIIJkQoBAKCCCYowggmGBgkrBgEFBQcwAQEEggl3MIIJczCBmKIWBBTGi2SFTlvq
lPIjbFtpCjiAmlvBfRgPMjAxNTEyMDgxMjUwMzRaMG0wazBDMAkGBSsOAwIaBQAE
FDT1U3TyLe4LN9x2y7KeHyoj92fUBBR+yrClIOYoBddLR9M+olpxK0L3TwIKTgmJ
ZAAAAAAQRYAAGA8yMDE1MTIwODEyMDAzNFqgERgPMjAxNTEyMDkwMDEwMzRaMA0G
CSqGSIb3DQEBCwUAA4ICAQBstpp7s1FnJm/EWYzUXXLncJPtuDuu4tcMiN0oc+Nj
Du6cVBfd6KcCEu4n+3Alva1JbJ2w1CVbgaDJdYsDQixR6p56cTL1jnjCL2V0x9VP
hJ5zNgkau+Vk5yRMMy7DhnyXuEm+LTe5dxIBwtnhMktBEe17yIR7WDRE0mxLSCQi
79BPX9SLX6Ke1T9+V7TwedRObSm3Oojf7y/Nuzgt4dw0ZCgAlWyhnj2B64aK7bml
KMJS4KLcLXWz+0tHiFEVUKyED1jZBxquHM56onlN3xJJQ1Ds5nATxEGHaf3dbb5e
Qo0t+Fg273AyJHBjHZq1H3pHliB2EpNhS/tW1qK/ulPyCYNnaMvBZzSQSGWNU0Xw
QsbJ5O0vDV1LwnBmiRQ2hQEjAuF5Ky7ORPICzRiGoOUJsm2hovw4xiJgOGX+eSBq
nwr6Lxp+7QzekeEl9qcCbeeUuSqKS4+Wv94xJFR8EM+YiqA9Mx4wENGmPIs6E5cX
FmAeMpfoyJk/XET4w7Mg+MJ9/do2LsGrSFYC9j+Fe4j/vdeg+GTXOhbVNfSvSeJi
iNeKi8EpVhC05sbvu6RCyzclvDCv/jbb8zHwai1rAagzW7PqmjK8Fw8yZkjx5urM
C9sXX3gP8YQCI2aIXFYTdcJA7zB4uDZKa0aHHW4iDr4ruPuwYIetJlbA/eaaTf03
hqCCBsAwgga8MIIGuDCCBKCgAwIBAgIKJU4RzwAAAAAIaTANBgkqhkiG9w0BAQsF
ADCBhjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1OMRQwEgYDVQQHEwtNaW5uZWFw
b2xpczExMC8GA1UEChMoT3BlbiBBY2Nlc3MgVGVjaG5vbG9neSBJbnRlcm5hdGlv
bmFsIEluYzEhMB8GA1UEAxMYd2ViQ0FSRVMgSXNzdWluZyBDQSAyMDEzMB4XDTE1
MTExMjE5MTkzNVoXDTE3MTExMjE5MjkzNVowgYgxCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9wZW4gQWNj
ZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxIzAhBgNVBAMTGndlYkNB
UkVTIElzc3VpbmcgT0NTUCAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
CgKCAgEAn3dnPbHAJhzYfdHSIjw0VuUZ7lVL8lntaQmK9qvgJQEZJOIgRWiaGsz2
rs0sSIlBxYER1zC7ys9jtjdPwWflw4uCK+LksITxflAuvxPdnYSBEoljI2gdiFMd
RBhWhNSUJSn0FJyK57kqwP/TZhLUfNSfUZnOTwDhCJBmAqtys6tHUNrRa6Hx6Ukk
kgIGaJrhxpOsqVwyjHwUodXL0MNlmdhnQoyCAOSQmT5F6B9xseGcxnF6T63TSzZl
vyr0VtE3p2bExwN4qBvUdaECad90ZjjocUaYIAjNVlu0CBm862yDy5rb2a/kNWTk
WOwoXIpKFeI96I31nyoOxLe8VEMCDvNFIUhXXJ8lQt2C9/4E/fHHqoUDXBw6FaDH
tP/8OjRaGrenFnLVVtAwG5Wmk/vfFLb0Fl+bPThf8ZczCkTySqlQLH8BMSmOl9xJ
zZeIoF688Nq/1RdhzvYt9O9Vvxnv/VUm9HqA0AV3e/0rGs3epzTJFoULuT/dXhUB
w7rssesRws77fEUfwGBlfkLZIvv18uFiK1UzF908UScld78FnqnbWC1Bj3K67dg7
0Pq1zGnrwCoFsMcZ+xRdJvFlUeFtL6jcEMbcP/ZA+vzCLR04T9u/Gsz1WBIlfjxp
ux2gqCkkP31u5lzsB6YWl6NXkt16V1YgsEgpjTRJ5gMza3S9W3sCAwEAAaOCASIw
ggEeMBsGCSsGAQQBgjcVCgQOMAwwCgYIKwYBBQUHAwkwEwYDVR0lBAwwCgYIKwYB
BQUHAwkwDwYJKwYBBQUHMAEFBAIFADAdBgNVHQ4EFgQUxotkhU5b6pTyI2xbaQo4
gJpbwX0wgbkGA1UdIwSBsTCBroAUfsqwpSDmKAXXS0fTPqJacStC90+hgYmkgYYw
gYMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9s
aXMxMTAvBgNVBAoTKE9wZW4gQWNjZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25h
bCBJbmMxHjAcBgNVBAMTFU9BVEkgV2ViQ0FSRVMgUm9vdCBDQYIKSbHh+AAAAAAA
EjANBgkqhkiG9w0BAQsFAAOCAgEAVP/uDuiy8OyjrHGy6IQLeGLFrhYgmAYW2cmK
g535dPj5JzSRFnqovKZ0751z9qsMf58kOodC0LqgNh0scm41HlTYh5mR2VCOkbDJ
KXv5K0h+dnslyRyi6Z9q68AbD+6usi4Fpb2eV4sNOPPOshvAamRXZFKDkvr4Xkyy
qR3aMOJPzwfVXqbYoaLU9X2IcrROmqb4o1HnmMxQ6WulLWHIXXkfnpIR+MLUGrsD
Z+Fn9MGgCDxlpt/xGap0grbQ2QGxIkbw7UNtfVp8ntXqGnbOf72doUPfODuLFSFt
AU/2AqvOETJLfgUpKB7911/xyg2oRnE03KAvdOZLNTb1pVDj8uZMrwmk2XMxP6cq
tFdIVRJ8M7MkLrPCuHwCw6J+i8Pd3wU1hMANeXbxhFLALWSwHHY6mT8uNz1i7Mi0
o6G/EjHa4dT++Xszd2wnx7h6xAHTdopZGLPTJGVnjqJE2CkSA52k2EcI3Ej4X15l
46VU6rlh5OT+sPgGJSni3+GuIu1s7wwnjfCKZ5zxQNcU784gsJNGGkormtMMb7yY
Jvr9oacAha3CE2WZwFIx1Nu2EcAbBbmAPDFRx5Mx8Fnj/5sDtChlMqRio3m78Gfi
jWx+SiuNC5KEbY1+DGgf5GtDoNG6ioIgzDU0OML2/i7e5RpA5rdH7jLbdGMFoxGu
X7/eB2o=
-----END OCSP RESPONSE-----



Raw 
OCSP Signing Certificate (PEM encoded)
-----BEGIN CERTIFICATE-----
MIIGuDCCBKCgAwIBAgIKJU4RzwAAAAAIaTANBgkqhkiG9w0BAQsFADCBhjELMAkG
A1UEBhMCVVMxCzAJBgNVBAgTAk1OMRQwEgYDVQQHEwtNaW5uZWFwb2xpczExMC8G
A1UEChMoT3BlbiBBY2Nlc3MgVGVjaG5vbG9neSBJbnRlcm5hdGlvbmFsIEluYzEh
MB8GA1UEAxMYd2ViQ0FSRVMgSXNzdWluZyBDQSAyMDEzMB4XDTE1MTExMjE5MTkz
NVoXDTE3MTExMjE5MjkzNVowgYgxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNTjEU
MBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9wZW4gQWNjZXNzIFRlY2hu
b2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxIzAhBgNVBAMTGndlYkNBUkVTIElzc3Vp
bmcgT0NTUCAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAn3dn
PbHAJhzYfdHSIjw0VuUZ7lVL8lntaQmK9qvgJQEZJOIgRWiaGsz2rs0sSIlBxYER
1zC7ys9jtjdPwWflw4uCK+LksITxflAuvxPdnYSBEoljI2gdiFMdRBhWhNSUJSn0
FJyK57kqwP/TZhLUfNSfUZnOTwDhCJBmAqtys6tHUNrRa6Hx6UkkkgIGaJrhxpOs
qVwyjHwUodXL0MNlmdhnQoyCAOSQmT5F6B9xseGcxnF6T63TSzZlvyr0VtE3p2bE
xwN4qBvUdaECad90ZjjocUaYIAjNVlu0CBm862yDy5rb2a/kNWTkWOwoXIpKFeI9
6I31nyoOxLe8VEMCDvNFIUhXXJ8lQt2C9/4E/fHHqoUDXBw6FaDHtP/8OjRaGren
FnLVVtAwG5Wmk/vfFLb0Fl+bPThf8ZczCkTySqlQLH8BMSmOl9xJzZeIoF688Nq/
1RdhzvYt9O9Vvxnv/VUm9HqA0AV3e/0rGs3epzTJFoULuT/dXhUBw7rssesRws77
fEUfwGBlfkLZIvv18uFiK1UzF908UScld78FnqnbWC1Bj3K67dg70Pq1zGnrwCoF
sMcZ+xRdJvFlUeFtL6jcEMbcP/ZA+vzCLR04T9u/Gsz1WBIlfjxpux2gqCkkP31u
5lzsB6YWl6NXkt16V1YgsEgpjTRJ5gMza3S9W3sCAwEAAaOCASIwggEeMBsGCSsG
AQQBgjcVCgQOMAwwCgYIKwYBBQUHAwkwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJ
KwYBBQUHMAEFBAIFADAdBgNVHQ4EFgQUxotkhU5b6pTyI2xbaQo4gJpbwX0wgbkG
A1UdIwSBsTCBroAUfsqwpSDmKAXXS0fTPqJacStC90+hgYmkgYYwgYMxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNV
BAoTKE9wZW4gQWNjZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxHjAc
BgNVBAMTFU9BVEkgV2ViQ0FSRVMgUm9vdCBDQYIKSbHh+AAAAAAAEjANBgkqhkiG
9w0BAQsFAAOCAgEAVP/uDuiy8OyjrHGy6IQLeGLFrhYgmAYW2cmKg535dPj5JzSR
FnqovKZ0751z9qsMf58kOodC0LqgNh0scm41HlTYh5mR2VCOkbDJKXv5K0h+dnsl
yRyi6Z9q68AbD+6usi4Fpb2eV4sNOPPOshvAamRXZFKDkvr4XkyyqR3aMOJPzwfV
XqbYoaLU9X2IcrROmqb4o1HnmMxQ6WulLWHIXXkfnpIR+MLUGrsDZ+Fn9MGgCDxl
pt/xGap0grbQ2QGxIkbw7UNtfVp8ntXqGnbOf72doUPfODuLFSFtAU/2AqvOETJL
fgUpKB7911/xyg2oRnE03KAvdOZLNTb1pVDj8uZMrwmk2XMxP6cqtFdIVRJ8M7Mk
LrPCuHwCw6J+i8Pd3wU1hMANeXbxhFLALWSwHHY6mT8uNz1i7Mi0o6G/EjHa4dT+
+Xszd2wnx7h6xAHTdopZGLPTJGVnjqJE2CkSA52k2EcI3Ej4X15l46VU6rlh5OT+
sPgGJSni3+GuIu1s7wwnjfCKZ5zxQNcU784gsJNGGkormtMMb7yYJvr9oacAha3C
E2WZwFIx1Nu2EcAbBbmAPDFRx5Mx8Fnj/5sDtChlMqRio3m78GfijWx+SiuNC5KE
bY1+DGgf5GtDoNG6ioIgzDU0OML2/i7e5RpA5rdH7jLbdGMFoxGuX7/eB2o=
-----END CERTIFICATE-----



    
  
  • OCSP signing 
  certificate is already valid 
  
  • OCSP signing 
  certificate is not expired 
  
  • OCSP signing 
  certificate does not expire before NextUpdate 
  
  • OCSP signing 
  certificate does contain the Extended Key Usage for OCSP Signing 
  
  • OCSP signing 
  certificate does contain the OCSP No Check extension 





This OCSP response was cached at 




http://ocsp.oaticerts.com/ocsp 
(GET)Good






OCSP response information


Source: Authority Information Access 
in Certificate
Location: http://ocsp.oaticerts.com/ocsp 
(GET)
Size: 2453 bytes (DER data)
Response 
time: 1.306921159s
Signature algorithm: 
SHA256WithRSA
Signature type: CA Deligated
Signed 
by: webCARES Issuing OCSP 2015
Issued by: webCARES 
Issuing CA 2013
Reported statuses: 1
This 
update: 
Next update: 
Produced at: 
Status: Good


Relevant server response headers


Date: 
Last Modified: 
Expires: 
Cache Control Max-age: 15m0s


Server and network information


Server Software: 
Microsoft-IIS/7.5




URL used for GET request
http://ocsp.oaticerts.com/ocsp/MEswSTBHMEUwQzAJBgUrDgMCGgUABBQ09VN08i3uCzfcdsuynh8qI%2Fdn1AQUfsqwpSDmKAXXS0fTPqJacStC908CCk4JiWQAAAAAEEU%3D


Raw OCSP request (PEM 
encoded)
-----BEGIN OCSP REQUEST-----
MEswSTBHMEUwQzAJBgUrDgMCGgUABBQ09VN08i3uCzfcdsuynh8qI/dn1AQUfsqw
pSDmKAXXS0fTPqJacStC908CCk4JiWQAAAAAEEU=
-----END OCSP REQUEST-----



Raw OCSP response (PEM encoded)
-----BEGIN OCSP RESPONSE-----
MIIJkQoBAKCCCYowggmGBgkrBgEFBQcwAQEEggl3MIIJczCBmKIWBBTGi2SFTlvq
lPIjbFtpCjiAmlvBfRgPMjAxNTEyMDgwODEwNDlaMG0wazBDMAkGBSsOAwIaBQAE
FDT1U3TyLe4LN9x2y7KeHyoj92fUBBR+yrClIOYoBddLR9M+olpxK0L3TwIKTgmJ
ZAAAAAAQRYAAGA8yMDE1MTIwODA3MDAzNlqgERgPMjAxNTEyMDgxOTEwMzZaMA0G
CSqGSIb3DQEBCwUAA4ICAQBhHg8/UPmRmGlt/TvY8pOdzopDouN26VG968Teu5vC
/0Msv8Pn1vWZZzhBwpDwpP3cFD6tUYHCM6ImKjAU1rVuHVItAHapRDhOeqxZV294
ofl+xaBDMLTPwnjnR1bwnzwNfsdez/XiZwmvqyNPJCgZdZZM80CciFUWfKNgWJjD
ZAFeZiPyI8EayndbGeCs/LgN1RAU0TH7H6lduguFOTqOsiU/5+VmL3MzzkSFIvYc
1b1SyOhJSWLH1gGmoJisdV7VNjo72Wg3ja7G/mtJtWKDKvxb9P4znBdRrIO/zLXF
uDF9b9NeDow0UOwkXKJt65fj8baosJC5DCLBho8EtYrBABx+mvHNVZSWWSQvaFBs
dtHTrxMM/FmFNRhYqZB4uNlCT0AROXOCalfUSRhf6VLpGIIFXHsKmPrtO9NCy+Go
Rn7FN+PQ6z7CHSe3sI3PNED7DKWodMUyQYQzHPLqe6R18Xfqzy/Uwv4G9dbAKdHU
XKiPyBOMqjzfiOst7lM64xTUhh+C3g9VI9tOMduX6XEKp/BMtv1bERPvLPHXOPYK
PBkYYUkXBV8GUWVUszLebzVIs5+815DAMH8GH/bYjEi1DyBDOG+ToMTbU7MVyRkV
P2gRn+ihnutBGYx56xlOOLHq94Vw3UNpMYwgdEBMFy/eo/jFXNHDEAVu2dmoyOMq
L6CCBsAwgga8MIIGuDCCBKCgAwIBAgIKJU4RzwAAAAAIaTANBgkqhkiG9w0BAQsF
ADCBhjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1OMRQwEgYDVQQHEwtNaW5uZWFw
b2xpczExMC8GA1UEChMoT3BlbiBBY2Nlc3MgVGVjaG5vbG9neSBJbnRlcm5hdGlv
bmFsIEluYzEhMB8GA1UEAxMYd2ViQ0FSRVMgSXNzdWluZyBDQSAyMDEzMB4XDTE1
MTExMjE5MTkzNVoXDTE3MTExMjE5MjkzNVowgYgxCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9wZW4gQWNj
ZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxIzAhBgNVBAMTGndlYkNB
UkVTIElzc3VpbmcgT0NTUCAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
CgKCAgEAn3dnPbHAJhzYfdHSIjw0VuUZ7lVL8lntaQmK9qvgJQEZJOIgRWiaGsz2
rs0sSIlBxYER1zC7ys9jtjdPwWflw4uCK+LksITxflAuvxPdnYSBEoljI2gdiFMd
RBhWhNSUJSn0FJyK57kqwP/TZhLUfNSfUZnOTwDhCJBmAqtys6tHUNrRa6Hx6Ukk
kgIGaJrhxpOsqVwyjHwUodXL0MNlmdhnQoyCAOSQmT5F6B9xseGcxnF6T63TSzZl
vyr0VtE3p2bExwN4qBvUdaECad90ZjjocUaYIAjNVlu0CBm862yDy5rb2a/kNWTk
WOwoXIpKFeI96I31nyoOxLe8VEMCDvNFIUhXXJ8lQt2C9/4E/fHHqoUDXBw6FaDH
tP/8OjRaGrenFnLVVtAwG5Wmk/vfFLb0Fl+bPThf8ZczCkTySqlQLH8BMSmOl9xJ
zZeIoF688Nq/1RdhzvYt9O9Vvxnv/VUm9HqA0AV3e/0rGs3epzTJFoULuT/dXhUB
w7rssesRws77fEUfwGBlfkLZIvv18uFiK1UzF908UScld78FnqnbWC1Bj3K67dg7
0Pq1zGnrwCoFsMcZ+xRdJvFlUeFtL6jcEMbcP/ZA+vzCLR04T9u/Gsz1WBIlfjxp
ux2gqCkkP31u5lzsB6YWl6NXkt16V1YgsEgpjTRJ5gMza3S9W3sCAwEAAaOCASIw
ggEeMBsGCSsGAQQBgjcVCgQOMAwwCgYIKwYBBQUHAwkwEwYDVR0lBAwwCgYIKwYB
BQUHAwkwDwYJKwYBBQUHMAEFBAIFADAdBgNVHQ4EFgQUxotkhU5b6pTyI2xbaQo4
gJpbwX0wgbkGA1UdIwSBsTCBroAUfsqwpSDmKAXXS0fTPqJacStC90+hgYmkgYYw
gYMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9s
aXMxMTAvBgNVBAoTKE9wZW4gQWNjZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25h
bCBJbmMxHjAcBgNVBAMTFU9BVEkgV2ViQ0FSRVMgUm9vdCBDQYIKSbHh+AAAAAAA
EjANBgkqhkiG9w0BAQsFAAOCAgEAVP/uDuiy8OyjrHGy6IQLeGLFrhYgmAYW2cmK
g535dPj5JzSRFnqovKZ0751z9qsMf58kOodC0LqgNh0scm41HlTYh5mR2VCOkbDJ
KXv5K0h+dnslyRyi6Z9q68AbD+6usi4Fpb2eV4sNOPPOshvAamRXZFKDkvr4Xkyy
qR3aMOJPzwfVXqbYoaLU9X2IcrROmqb4o1HnmMxQ6WulLWHIXXkfnpIR+MLUGrsD
Z+Fn9MGgCDxlpt/xGap0grbQ2QGxIkbw7UNtfVp8ntXqGnbOf72doUPfODuLFSFt
AU/2AqvOETJLfgUpKB7911/xyg2oRnE03KAvdOZLNTb1pVDj8uZMrwmk2XMxP6cq
tFdIVRJ8M7MkLrPCuHwCw6J+i8Pd3wU1hMANeXbxhFLALWSwHHY6mT8uNz1i7Mi0
o6G/EjHa4dT++Xszd2wnx7h6xAHTdopZGLPTJGVnjqJE2CkSA52k2EcI3Ej4X15l
46VU6rlh5OT+sPgGJSni3+GuIu1s7wwnjfCKZ5zxQNcU784gsJNGGkormtMMb7yY
Jvr9oacAha3CE2WZwFIx1Nu2EcAbBbmAPDFRx5Mx8Fnj/5sDtChlMqRio3m78Gfi
jWx+SiuNC5KEbY1+DGgf5GtDoNG6ioIgzDU0OML2/i7e5RpA5rdH7jLbdGMFoxGu
X7/eB2o=
-----END OCSP RESPONSE-----



Raw 
OCSP Signing Certificate (PEM encoded)
-----BEGIN CERTIFICATE-----
MIIGuDCCBKCgAwIBAgIKJU4RzwAAAAAIaTANBgkqhkiG9w0BAQsFADCBhjELMAkG
A1UEBhMCVVMxCzAJBgNVBAgTAk1OMRQwEgYDVQQHEwtNaW5uZWFwb2xpczExMC8G
A1UEChMoT3BlbiBBY2Nlc3MgVGVjaG5vbG9neSBJbnRlcm5hdGlvbmFsIEluYzEh
MB8GA1UEAxMYd2ViQ0FSRVMgSXNzdWluZyBDQSAyMDEzMB4XDTE1MTExMjE5MTkz
NVoXDTE3MTExMjE5MjkzNVowgYgxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNTjEU
MBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9wZW4gQWNjZXNzIFRlY2hu
b2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxIzAhBgNVBAMTGndlYkNBUkVTIElzc3Vp
bmcgT0NTUCAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAn3dn
PbHAJhzYfdHSIjw0VuUZ7lVL8lntaQmK9qvgJQEZJOIgRWiaGsz2rs0sSIlBxYER
1zC7ys9jtjdPwWflw4uCK+LksITxflAuvxPdnYSBEoljI2gdiFMdRBhWhNSUJSn0
FJyK57kqwP/TZhLUfNSfUZnOTwDhCJBmAqtys6tHUNrRa6Hx6UkkkgIGaJrhxpOs
qVwyjHwUodXL0MNlmdhnQoyCAOSQmT5F6B9xseGcxnF6T63TSzZlvyr0VtE3p2bE
xwN4qBvUdaECad90ZjjocUaYIAjNVlu0CBm862yDy5rb2a/kNWTkWOwoXIpKFeI9
6I31nyoOxLe8VEMCDvNFIUhXXJ8lQt2C9/4E/fHHqoUDXBw6FaDHtP/8OjRaGren
FnLVVtAwG5Wmk/vfFLb0Fl+bPThf8ZczCkTySqlQLH8BMSmOl9xJzZeIoF688Nq/
1RdhzvYt9O9Vvxnv/VUm9HqA0AV3e/0rGs3epzTJFoULuT/dXhUBw7rssesRws77
fEUfwGBlfkLZIvv18uFiK1UzF908UScld78FnqnbWC1Bj3K67dg70Pq1zGnrwCoF
sMcZ+xRdJvFlUeFtL6jcEMbcP/ZA+vzCLR04T9u/Gsz1WBIlfjxpux2gqCkkP31u
5lzsB6YWl6NXkt16V1YgsEgpjTRJ5gMza3S9W3sCAwEAAaOCASIwggEeMBsGCSsG
AQQBgjcVCgQOMAwwCgYIKwYBBQUHAwkwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJ
KwYBBQUHMAEFBAIFADAdBgNVHQ4EFgQUxotkhU5b6pTyI2xbaQo4gJpbwX0wgbkG
A1UdIwSBsTCBroAUfsqwpSDmKAXXS0fTPqJacStC90+hgYmkgYYwgYMxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNV
BAoTKE9wZW4gQWNjZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxHjAc
BgNVBAMTFU9BVEkgV2ViQ0FSRVMgUm9vdCBDQYIKSbHh+AAAAAAAEjANBgkqhkiG
9w0BAQsFAAOCAgEAVP/uDuiy8OyjrHGy6IQLeGLFrhYgmAYW2cmKg535dPj5JzSR
FnqovKZ0751z9qsMf58kOodC0LqgNh0scm41HlTYh5mR2VCOkbDJKXv5K0h+dnsl
yRyi6Z9q68AbD+6usi4Fpb2eV4sNOPPOshvAamRXZFKDkvr4XkyyqR3aMOJPzwfV
XqbYoaLU9X2IcrROmqb4o1HnmMxQ6WulLWHIXXkfnpIR+MLUGrsDZ+Fn9MGgCDxl
pt/xGap0grbQ2QGxIkbw7UNtfVp8ntXqGnbOf72doUPfODuLFSFtAU/2AqvOETJL
fgUpKB7911/xyg2oRnE03KAvdOZLNTb1pVDj8uZMrwmk2XMxP6cqtFdIVRJ8M7Mk
LrPCuHwCw6J+i8Pd3wU1hMANeXbxhFLALWSwHHY6mT8uNz1i7Mi0o6G/EjHa4dT+
+Xszd2wnx7h6xAHTdopZGLPTJGVnjqJE2CkSA52k2EcI3Ej4X15l46VU6rlh5OT+
sPgGJSni3+GuIu1s7wwnjfCKZ5zxQNcU784gsJNGGkormtMMb7yYJvr9oacAha3C
E2WZwFIx1Nu2EcAbBbmAPDFRx5Mx8Fnj/5sDtChlMqRio3m78GfijWx+SiuNC5KE
bY1+DGgf5GtDoNG6ioIgzDU0OML2/i7e5RpA5rdH7jLbdGMFoxGuX7/eB2o=
-----END CERTIFICATE-----



Raw OCSP response headers


Cache-Control: [max-age=900]
Content-Length: 
[2453]
Content-Type: [application/ocsp-response]
Date: [Tue, 08 Dec 2015 
15:42:46 GMT]
Etag: ["55793bdc081460b26e78d71222d8531e"]
Expires: [Tue, 08 
Dec 2015 19:10:36 GMT]
Last-Modified: [Tue, 08 Dec 2015 07:00:36 
GMT]
Server: [Microsoft-IIS/7.5]
X-Powered-By: [ASP.NET ARR/2.5 
ASP.NET]


    
  
  • OCSP signing 
  certificate is already valid 
  
  • OCSP signing 
  certificate is not expired 
  
  • OCSP signing 
  certificate does not expire before NextUpdate 
  
  • OCSP signing 
  certificate does contain the Extended Key Usage for OCSP Signing 
  
  • OCSP signing 
  certificate does contain the OCSP No Check extension 
  
  • Content-Type in 
  response is set to 'application/ocsp-response' 
  
  • Response is 
  already valid 
  
  • Response is not 
  expired 
  
  • ThisUpdate is less than four days old, OCSP information 
  must be updated at least every four days (Mozilla & Baseline Requirements) 
  
  
  • The NextUpdate field is not more than ten days beyond 
  the value of the ThisUpdate field (Mozilla & Baseline Requirements) 
  
  • Last-Modified header is the same as ThisUpdate (RFC 
  5019, section 6.2) 
  
  • NextUpdate is 
  after the date in the Expires cache header 
  
  • The 
  Cache-Control max-age header does not outlive NextUpdate 
  
  • ThisUpdate has a 
  date before NextUpdate 
  
  • Expires cache header is the same as the NextUpdate field 
  (RFC 5019 section 6.2) 




This OCSP response was cached at 




http://ocsp.oaticerts.com/ocsp 
(POST)Good






OCSP response information


Source: Authority Information Access 
in Certificate
Location: http://ocsp.oaticerts.com/ocsp 
(POST)
Size: 2453 bytes (DER data)
Response 
time: 1.106386684s
Signature algorithm: 
SHA256WithRSA
Signature type: CA Deligated
Signed 
by: webCARES Issuing OCSP 2015
Issued by: webCARES 
Issuing CA 2013
Reported statuses: 1
This 
update: 
Next update: 
Produced at: 
Status: Good


Relevant server response headers


Date: 
Last Modified: 
Expires: 
Cache Control Max-age: 15m0s


Server and network information


Server Software: 
Microsoft-IIS/7.5




Raw OCSP request (PEM 
encoded)
-----BEGIN OCSP REQUEST-----
MEswSTBHMEUwQzAJBgUrDgMCGgUABBQ09VN08i3uCzfcdsuynh8qI/dn1AQUfsqw
pSDmKAXXS0fTPqJacStC908CCk4JiWQAAAAAEEU=
-----END OCSP REQUEST-----



Raw OCSP response (PEM encoded)
-----BEGIN OCSP RESPONSE-----
MIIJkQoBAKCCCYowggmGBgkrBgEFBQcwAQEEggl3MIIJczCBmKIWBBTGi2SFTlvq
lPIjbFtpCjiAmlvBfRgPMjAxNTEyMDgwODEwNDlaMG0wazBDMAkGBSsOAwIaBQAE
FDT1U3TyLe4LN9x2y7KeHyoj92fUBBR+yrClIOYoBddLR9M+olpxK0L3TwIKTgmJ
ZAAAAAAQRYAAGA8yMDE1MTIwODA3MDAzNlqgERgPMjAxNTEyMDgxOTEwMzZaMA0G
CSqGSIb3DQEBCwUAA4ICAQBhHg8/UPmRmGlt/TvY8pOdzopDouN26VG968Teu5vC
/0Msv8Pn1vWZZzhBwpDwpP3cFD6tUYHCM6ImKjAU1rVuHVItAHapRDhOeqxZV294
ofl+xaBDMLTPwnjnR1bwnzwNfsdez/XiZwmvqyNPJCgZdZZM80CciFUWfKNgWJjD
ZAFeZiPyI8EayndbGeCs/LgN1RAU0TH7H6lduguFOTqOsiU/5+VmL3MzzkSFIvYc
1b1SyOhJSWLH1gGmoJisdV7VNjo72Wg3ja7G/mtJtWKDKvxb9P4znBdRrIO/zLXF
uDF9b9NeDow0UOwkXKJt65fj8baosJC5DCLBho8EtYrBABx+mvHNVZSWWSQvaFBs
dtHTrxMM/FmFNRhYqZB4uNlCT0AROXOCalfUSRhf6VLpGIIFXHsKmPrtO9NCy+Go
Rn7FN+PQ6z7CHSe3sI3PNED7DKWodMUyQYQzHPLqe6R18Xfqzy/Uwv4G9dbAKdHU
XKiPyBOMqjzfiOst7lM64xTUhh+C3g9VI9tOMduX6XEKp/BMtv1bERPvLPHXOPYK
PBkYYUkXBV8GUWVUszLebzVIs5+815DAMH8GH/bYjEi1DyBDOG+ToMTbU7MVyRkV
P2gRn+ihnutBGYx56xlOOLHq94Vw3UNpMYwgdEBMFy/eo/jFXNHDEAVu2dmoyOMq
L6CCBsAwgga8MIIGuDCCBKCgAwIBAgIKJU4RzwAAAAAIaTANBgkqhkiG9w0BAQsF
ADCBhjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1OMRQwEgYDVQQHEwtNaW5uZWFw
b2xpczExMC8GA1UEChMoT3BlbiBBY2Nlc3MgVGVjaG5vbG9neSBJbnRlcm5hdGlv
bmFsIEluYzEhMB8GA1UEAxMYd2ViQ0FSRVMgSXNzdWluZyBDQSAyMDEzMB4XDTE1
MTExMjE5MTkzNVoXDTE3MTExMjE5MjkzNVowgYgxCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9wZW4gQWNj
ZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxIzAhBgNVBAMTGndlYkNB
UkVTIElzc3VpbmcgT0NTUCAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
CgKCAgEAn3dnPbHAJhzYfdHSIjw0VuUZ7lVL8lntaQmK9qvgJQEZJOIgRWiaGsz2
rs0sSIlBxYER1zC7ys9jtjdPwWflw4uCK+LksITxflAuvxPdnYSBEoljI2gdiFMd
RBhWhNSUJSn0FJyK57kqwP/TZhLUfNSfUZnOTwDhCJBmAqtys6tHUNrRa6Hx6Ukk
kgIGaJrhxpOsqVwyjHwUodXL0MNlmdhnQoyCAOSQmT5F6B9xseGcxnF6T63TSzZl
vyr0VtE3p2bExwN4qBvUdaECad90ZjjocUaYIAjNVlu0CBm862yDy5rb2a/kNWTk
WOwoXIpKFeI96I31nyoOxLe8VEMCDvNFIUhXXJ8lQt2C9/4E/fHHqoUDXBw6FaDH
tP/8OjRaGrenFnLVVtAwG5Wmk/vfFLb0Fl+bPThf8ZczCkTySqlQLH8BMSmOl9xJ
zZeIoF688Nq/1RdhzvYt9O9Vvxnv/VUm9HqA0AV3e/0rGs3epzTJFoULuT/dXhUB
w7rssesRws77fEUfwGBlfkLZIvv18uFiK1UzF908UScld78FnqnbWC1Bj3K67dg7
0Pq1zGnrwCoFsMcZ+xRdJvFlUeFtL6jcEMbcP/ZA+vzCLR04T9u/Gsz1WBIlfjxp
ux2gqCkkP31u5lzsB6YWl6NXkt16V1YgsEgpjTRJ5gMza3S9W3sCAwEAAaOCASIw
ggEeMBsGCSsGAQQBgjcVCgQOMAwwCgYIKwYBBQUHAwkwEwYDVR0lBAwwCgYIKwYB
BQUHAwkwDwYJKwYBBQUHMAEFBAIFADAdBgNVHQ4EFgQUxotkhU5b6pTyI2xbaQo4
gJpbwX0wgbkGA1UdIwSBsTCBroAUfsqwpSDmKAXXS0fTPqJacStC90+hgYmkgYYw
gYMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9s
aXMxMTAvBgNVBAoTKE9wZW4gQWNjZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25h
bCBJbmMxHjAcBgNVBAMTFU9BVEkgV2ViQ0FSRVMgUm9vdCBDQYIKSbHh+AAAAAAA
EjANBgkqhkiG9w0BAQsFAAOCAgEAVP/uDuiy8OyjrHGy6IQLeGLFrhYgmAYW2cmK
g535dPj5JzSRFnqovKZ0751z9qsMf58kOodC0LqgNh0scm41HlTYh5mR2VCOkbDJ
KXv5K0h+dnslyRyi6Z9q68AbD+6usi4Fpb2eV4sNOPPOshvAamRXZFKDkvr4Xkyy
qR3aMOJPzwfVXqbYoaLU9X2IcrROmqb4o1HnmMxQ6WulLWHIXXkfnpIR+MLUGrsD
Z+Fn9MGgCDxlpt/xGap0grbQ2QGxIkbw7UNtfVp8ntXqGnbOf72doUPfODuLFSFt
AU/2AqvOETJLfgUpKB7911/xyg2oRnE03KAvdOZLNTb1pVDj8uZMrwmk2XMxP6cq
tFdIVRJ8M7MkLrPCuHwCw6J+i8Pd3wU1hMANeXbxhFLALWSwHHY6mT8uNz1i7Mi0
o6G/EjHa4dT++Xszd2wnx7h6xAHTdopZGLPTJGVnjqJE2CkSA52k2EcI3Ej4X15l
46VU6rlh5OT+sPgGJSni3+GuIu1s7wwnjfCKZ5zxQNcU784gsJNGGkormtMMb7yY
Jvr9oacAha3CE2WZwFIx1Nu2EcAbBbmAPDFRx5Mx8Fnj/5sDtChlMqRio3m78Gfi
jWx+SiuNC5KEbY1+DGgf5GtDoNG6ioIgzDU0OML2/i7e5RpA5rdH7jLbdGMFoxGu
X7/eB2o=
-----END OCSP RESPONSE-----



Raw 
OCSP Signing Certificate (PEM encoded)
-----BEGIN CERTIFICATE-----
MIIGuDCCBKCgAwIBAgIKJU4RzwAAAAAIaTANBgkqhkiG9w0BAQsFADCBhjELMAkG
A1UEBhMCVVMxCzAJBgNVBAgTAk1OMRQwEgYDVQQHEwtNaW5uZWFwb2xpczExMC8G
A1UEChMoT3BlbiBBY2Nlc3MgVGVjaG5vbG9neSBJbnRlcm5hdGlvbmFsIEluYzEh
MB8GA1UEAxMYd2ViQ0FSRVMgSXNzdWluZyBDQSAyMDEzMB4XDTE1MTExMjE5MTkz
NVoXDTE3MTExMjE5MjkzNVowgYgxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNTjEU
MBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9wZW4gQWNjZXNzIFRlY2hu
b2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxIzAhBgNVBAMTGndlYkNBUkVTIElzc3Vp
bmcgT0NTUCAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAn3dn
PbHAJhzYfdHSIjw0VuUZ7lVL8lntaQmK9qvgJQEZJOIgRWiaGsz2rs0sSIlBxYER
1zC7ys9jtjdPwWflw4uCK+LksITxflAuvxPdnYSBEoljI2gdiFMdRBhWhNSUJSn0
FJyK57kqwP/TZhLUfNSfUZnOTwDhCJBmAqtys6tHUNrRa6Hx6UkkkgIGaJrhxpOs
qVwyjHwUodXL0MNlmdhnQoyCAOSQmT5F6B9xseGcxnF6T63TSzZlvyr0VtE3p2bE
xwN4qBvUdaECad90ZjjocUaYIAjNVlu0CBm862yDy5rb2a/kNWTkWOwoXIpKFeI9
6I31nyoOxLe8VEMCDvNFIUhXXJ8lQt2C9/4E/fHHqoUDXBw6FaDHtP/8OjRaGren
FnLVVtAwG5Wmk/vfFLb0Fl+bPThf8ZczCkTySqlQLH8BMSmOl9xJzZeIoF688Nq/
1RdhzvYt9O9Vvxnv/VUm9HqA0AV3e/0rGs3epzTJFoULuT/dXhUBw7rssesRws77
fEUfwGBlfkLZIvv18uFiK1UzF908UScld78FnqnbWC1Bj3K67dg70Pq1zGnrwCoF
sMcZ+xRdJvFlUeFtL6jcEMbcP/ZA+vzCLR04T9u/Gsz1WBIlfjxpux2gqCkkP31u
5lzsB6YWl6NXkt16V1YgsEgpjTRJ5gMza3S9W3sCAwEAAaOCASIwggEeMBsGCSsG
AQQBgjcVCgQOMAwwCgYIKwYBBQUHAwkwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJ
KwYBBQUHMAEFBAIFADAdBgNVHQ4EFgQUxotkhU5b6pTyI2xbaQo4gJpbwX0wgbkG
A1UdIwSBsTCBroAUfsqwpSDmKAXXS0fTPqJacStC90+hgYmkgYYwgYMxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNV
BAoTKE9wZW4gQWNjZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxHjAc
BgNVBAMTFU9BVEkgV2ViQ0FSRVMgUm9vdCBDQYIKSbHh+AAAAAAAEjANBgkqhkiG
9w0BAQsFAAOCAgEAVP/uDuiy8OyjrHGy6IQLeGLFrhYgmAYW2cmKg535dPj5JzSR
FnqovKZ0751z9qsMf58kOodC0LqgNh0scm41HlTYh5mR2VCOkbDJKXv5K0h+dnsl
yRyi6Z9q68AbD+6usi4Fpb2eV4sNOPPOshvAamRXZFKDkvr4XkyyqR3aMOJPzwfV
XqbYoaLU9X2IcrROmqb4o1HnmMxQ6WulLWHIXXkfnpIR+MLUGrsDZ+Fn9MGgCDxl
pt/xGap0grbQ2QGxIkbw7UNtfVp8ntXqGnbOf72doUPfODuLFSFtAU/2AqvOETJL
fgUpKB7911/xyg2oRnE03KAvdOZLNTb1pVDj8uZMrwmk2XMxP6cqtFdIVRJ8M7Mk
LrPCuHwCw6J+i8Pd3wU1hMANeXbxhFLALWSwHHY6mT8uNz1i7Mi0o6G/EjHa4dT+
+Xszd2wnx7h6xAHTdopZGLPTJGVnjqJE2CkSA52k2EcI3Ej4X15l46VU6rlh5OT+
sPgGJSni3+GuIu1s7wwnjfCKZ5zxQNcU784gsJNGGkormtMMb7yYJvr9oacAha3C
E2WZwFIx1Nu2EcAbBbmAPDFRx5Mx8Fnj/5sDtChlMqRio3m78GfijWx+SiuNC5KE
bY1+DGgf5GtDoNG6ioIgzDU0OML2/i7e5RpA5rdH7jLbdGMFoxGuX7/eB2o=
-----END CERTIFICATE-----



Raw OCSP response headers


Cache-Control: [max-age=900]
Content-Length: 
[2453]
Content-Type: [application/ocsp-response]
Date: [Tue, 08 Dec 2015 
15:42:46 GMT]
Etag: ["55793bdc081460b26e78d71222d8531e"]
Expires: [Tue, 08 
Dec 2015 19:10:36 GMT]
Last-Modified: [Tue, 08 Dec 2015 07:00:36 
GMT]
Server: [Microsoft-IIS/7.5]
X-Powered-By: [ASP.NET ARR/2.5 
ASP.NET]


    
  
  • OCSP signing 
  certificate is already valid 
  
  • OCSP signing 
  certificate is not expired 
  
  • OCSP signing 
  certificate does not expire before NextUpdate 
  
  • OCSP signing 
  certificate does contain the Extended Key Usage for OCSP Signing 
  
  • OCSP signing 
  certificate does contain the OCSP No Check extension 
  
  • Content-Type in 
  response is set to 'application/ocsp-response' 
  
  • Response is 
  already valid 
  
  • Response is not 
  expired 
  
  • ThisUpdate is less than four days old, OCSP information 
  must be updated at least every four days (Mozilla & Baseline Requirements) 
  
  
  • The NextUpdate field is not more than ten days beyond 
  the value of the ThisUpdate field (Mozilla & Baseline Requirements) 
  
  • Last-Modified header is the same as ThisUpdate (RFC 
  5019, section 6.2) 
  
  • NextUpdate is 
  after the date in the Expires cache header 
  
  • The 
  Cache-Control max-age header does not outlive NextUpdate 
  
  • ThisUpdate has a 
  date before NextUpdate 
  
  • Expires cache header is the same as the NextUpdate field 
  (RFC 5019 section 6.2) 


webCARES Issuing CA 2013 (CA Certificate)




This certificate was cached at 




Certificate details for webCARES 
Issuing CA 2013 (At position 1 in certificate 
chain)










Serial number:


hex: 
49b1e1f8000000000012
int: 
348014109714983449264146
Issued by: OATI WebCARES Root 
CA
Not valid before: 
Not valid after: 




Organization: Open Access 
Technology International Inc


State / Province: MN
Locality: Minneapolis
Country: US


    
  
  • This certificate 
  does not contain any links to an LDAP server 
  
  • This certificate 
  does not contain any internal server links 
  
  • This certificate 
  does not contain any links with an unknown format 









Certificate 
Revocation List (CRL)




This CRL was cached at 




http://certs.oaticerts.com/repository/OATICA2.crl






CRL 
information


Source: CRL Distribution Points in 
Certificate
Location: http://certs.oaticerts.com/repository/OATICA2.crl
Size: 
952 bytes (DER data)
Response time: 
973.421503ms
This update: 
Next update: 
Revoked: No
Revoked certificates in 
CRL: 0


Relevant server response headers


Date: 
Last Modified: 


Server and network information


Server Software: 
Microsoft-IIS/7.5




Raw CRL response headers


Accept-Ranges: [bytes]
Cache-Control: 
[max-age=900]
Content-Length: [952]
Content-Type: 
[application/pkix-crl]
Date: [Tue, 08 Dec 2015 15:42:45 GMT]
Etag: 
["7080377ad71bd11:0"]
Last-Modified: [Tue, 10 Nov 2015 16:47:25 
GMT]
Server: [Microsoft-IIS/7.5]
X-Powered-By: [ASP.NET]


    
  
  • Content-Type in response is set to 'application/pkix-crl 
  (RFC 5280, section 4.2.1.13)' 
  
  • This CRL file is 
  DER encoded 
  
  • Response is 
  already valid 
  
  • Response is not 
  expired 
  
  • Revocation information is updated at least once every 
  twelve months 
  
  • The value of the NextUpdate field is not more than 
  twelve months beyond the value of the ThisUpdate field 
  
  • Last-Modified header is not the same as ThisUpdate (RFC 
  5019, section 6.2) 
  
  • Expires cache header not set (RFC 5019, section 6.2) 
  
  • NextUpdate is 
  after the date in the Expires cache header 
  
  • The 
  Cache-Control max-age header does not outlive NextUpdate 
  
  • ThisUpdate has a 
  date before NextUpdate 
  
  • Expires cache header is the same as the NextUpdate field 
  (RFC 5019 section 6.2) 


Online 
Certificate Status Protocol (OCSP)




This OCSP response was cached at 




http://ocsp.oaticerts.com/ocsp 
(POST)Good






OCSP response information


Source: Authority Information Access 
in Certificate
Location: http://ocsp.oaticerts.com/ocsp 
(POST)
Size: 2453 bytes (DER data)
Response 
time: 787.848698ms
Signature algorithm: 
SHA256WithRSA
Signature type: CA Deligated
Signed 
by: webCARES Root OCSP 2015
Issued by: OATI 
WebCARES Root CA
Reported statuses: 1
This 
update: 
Next update: 
Produced at: 
Status: Good


Relevant server response headers


Date: 
Last Modified: 
Expires: 
Cache Control Max-age: 15m0s


Server and network information


Server Software: 
Microsoft-IIS/7.5




Raw OCSP request (PEM 
encoded)
-----BEGIN OCSP REQUEST-----
MEswSTBHMEUwQzAJBgUrDgMCGgUABBSJE5WxzDWUZmQ+QersXD3DbQZ2lwQUo//F
SuzLXJTV4MiGXuP9tGvhg84CCkmx4fgAAAAAABI=
-----END OCSP REQUEST-----



Raw OCSP response (PEM encoded)
-----BEGIN OCSP RESPONSE-----
MIIJkQoBAKCCCYowggmGBgkrBgEFBQcwAQEEggl3MIIJczCBmKIWBBRj1eTm2fCC
QzbrpQtDht5jij1/ZhgPMjAxNTExMTkxMzUyMjdaMG0wazBDMAkGBSsOAwIaBQAE
FIkTlbHMNZRmZD5B6uxcPcNtBnaXBBSj/8VK7MtclNXgyIZe4/20a+GDzgIKSbHh
+AAAAAAAEoAAGA8yMDE1MTExMDE2MzcyM1qgERgPMjAxNjAyMTEwNDU3MjNaMA0G
CSqGSIb3DQEBCwUAA4ICAQCpwWXvvGu9CbF2Aj9us2HweOdi4iAV4onA9zyXk/Cb
wXOc6a7gKTPugi3qK5xh1o1Q3+rPdJMNx6PWKcXnzCmyLp5wBqbCphOSpUQNxZ+V
JOJaDkjNCyGV86I9IP49LxubMlVwzrMtQExIqBPcXmcfTpRrFY10j4in6qD7mNU5
GAfaSKDXvvAbLWbtMGjSINpNyxa0THpagcIqo1cMzsdBVr4owQUOKLWm6HR3UJMN
PiHcqgGA7BDDGQvbs15yGSo3k6v9yyFbDCek6U1SvK5u54wOJ6TfsCkNDZDMP9Ev
Jx/pDbJxCZ/gTCRffkZfGTYz3/3LxJJMtmYd9aTAB7VBmjwWTGII+Yo89Nau30IX
vnPUoVzYaPdCeszEUFTeADplqhPJSODxlOgIMXqRA2NxwYRx7hnBd/1Vs30wmQtY
SHAzb9v6XYiHjd16m+MyKCLt2QeH5iEwn9tp4G5l1CYyc54Cc4G8/SbndJIOp5uY
SX3xCif9OOS5qrG86c90ojbXnc2tHJ5iblSRESx0psG7NWeEAAK/qOWUMBKW3dsv
zHV7AHJFZw6iNJfmkqY18BaL0OlQLLL9bAiDvq+xJN1eFs57qzg36dqhiW+lfcdP
aN62R2CJdiO6OowObjZVWr5yxijqLHgnjbKiGXiJeNj2/ODmabcJVUw17dvBhhqJ
36CCBsAwgga8MIIGuDCCBKCgAwIBAgIKJVtaoQAAAAAAGTANBgkqhkiG9w0BAQsF
ADCBgzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1OMRQwEgYDVQQHEwtNaW5uZWFw
b2xpczExMC8GA1UEChMoT3BlbiBBY2Nlc3MgVGVjaG5vbG9neSBJbnRlcm5hdGlv
bmFsIEluYzEeMBwGA1UEAxMVT0FUSSBXZWJDQVJFUyBSb290IENBMB4XDTE1MTEx
MjE5MzU0NVoXDTE3MTExMjE5NDU0NVowgYUxCzAJBgNVBAYTAlVTMQswCQYDVQQI
EwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9wZW4gQWNjZXNz
IFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxIDAeBgNVBAMTF3dlYkNBUkVT
IFJvb3QgT0NTUCAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
9rWdRgsAzR5sLWjcGTeeLxeEjLSB6JlLYNkZex4gB8f8LOl6kfXyQ+m4TxELwUcB
A4cPabORpaVzEsGYAQ2wFaKkdtdLIst8jvTJZ9mXoXpMDMdaHwZeu6rO2IRIx+KH
8t5livBt7xr0kMXFlyupVfWe77zMpgFd32rFW/dkru1QMt6caGD7j641Rw4AIumo
m9ujkl4H2CqSP/xR8zO+JwBMlnGxXEPgH/MRsaiRrpZ+ZJ/DW8VkfZelhI9MBzW+
6TFfst3ijrQlnW6yxV8UVGQ90PXslh7MueNgbVoJdHw3vn1zOdBfXCxBMqH7vf33
B/86Bj/nbjR1bITTJZyZGXEOERu189deSyNJJGrUF5fvQgA6m3qA643d5N0n5qsJ
gaKX0DxmO3zSVS3wQUnY3vgrOe5EvUpleBbB5Yy46gmC0rdYEc8ZRML3G39u7qoF
Eu3gF4Dd78NBKodOoa7hrqT1SNtFXmJPj15joJqvx3qvBTblLdUAOTlxjTOKJJCx
lNn10wwgy0wyBstzzxFSXoTm8XrShCLTYSHT4oPJmUD34gZVNIwmw4usG25LtvPV
wDnw4oST2uaDTQSujakQ16vgLV3XyJ1lmyRiHGMi/ER3fHS+YUmCkOWEdv5UwWLS
lkYW4bYGRLMfxjTxd/61w87cJqP/Jwpa85s7f9Cz3/8CAwEAAaOCASgwggEkMBsG
CSsGAQQBgjcVCgQOMAwwCgYIKwYBBQUHAwkwEwYDVR0lBAwwCgYIKwYBBQUHAwkw
DwYJKwYBBQUHMAEFBAIFADAdBgNVHQ4EFgQUY9Xk5tnwgkM266ULQ4beY4o9f2Yw
gb8GA1UdIwSBtzCBtIAU5Q1kcZ3JUunAmyppM8CTfPOB9d+hgYmkgYYwgYMxCzAJ
BgNVBAYTAlVTMQswCQYDVQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAv
BgNVBAoTKE9wZW4gQWNjZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMx
HjAcBgNVBAMTFU9BVEkgV2ViQ0FSRVMgUm9vdCBDQYIQAldiBmp1YIdPkAS/ocgo
QTANBgkqhkiG9w0BAQsFAAOCAgEAq36Wzs3WbL04hYJRjSnRkzTVLupCV4fjO1cS
2RSG1hkyBn6UtgU1CntENUV4iVMl11Rmn+h4Kkdt+3gH/zWmDqOV5VkiuVNoxTfM
yqy6o66OBRZgEqS4D17ae57BTF9/Vk8bvww1NaewJiyyHQD2V7284KU4HxHiH0bp
g5nXgrfVvJopqcvPOI8AZQssIBKwxec2SKso3at1asqi8Xwwwgvs5+VIYePIXYWs
dRCCEiec8AfwbISxGxLajuXZu+YDHmHSf8/oEG8Tz6kqExtP/lPMAerEz++528Ah
3UywcWPEX2UQZ+nfsoPT4UOXaLRpceumGNFgc4aYrpFMxZMEbebNuPSKCLUt0wxd
yjx33rGQcbuqQEcqr2USoOpmqj8fjFHaz7Lgu295VI0nCJj5wnsOpzOqKNE9PbYh
mCyZkpXko04ksPo6lMqnvYkNSUm5MmLx7qvY4XFCG2rNsST0lATFR7pd1h4S2Trn
14kxsbL1h3s83+VGyNk6ibpH2dmn3TUGjQ6mn/AR/ki48JjDfWld+2YaYLfNxY6d
WKBJYNYeKOfa04P+mZV8JHIpfTrqqj268H33whqjL6bmBGtI7CAum6ztGcoazZ4S
kHy5MttjuDpscykFo2jEoN6Gpup0yRSDDa3MeU0u6iSu3EJXjBzN/cHzonR0rBkM
SZ3/1Es=
-----END OCSP RESPONSE-----



Raw 
OCSP Signing Certificate (PEM encoded)
-----BEGIN CERTIFICATE-----
MIIGuDCCBKCgAwIBAgIKJVtaoQAAAAAAGTANBgkqhkiG9w0BAQsFADCBgzELMAkG
A1UEBhMCVVMxCzAJBgNVBAgTAk1OMRQwEgYDVQQHEwtNaW5uZWFwb2xpczExMC8G
A1UEChMoT3BlbiBBY2Nlc3MgVGVjaG5vbG9neSBJbnRlcm5hdGlvbmFsIEluYzEe
MBwGA1UEAxMVT0FUSSBXZWJDQVJFUyBSb290IENBMB4XDTE1MTExMjE5MzU0NVoX
DTE3MTExMjE5NDU0NVowgYUxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNTjEUMBIG
A1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9wZW4gQWNjZXNzIFRlY2hub2xv
Z3kgSW50ZXJuYXRpb25hbCBJbmMxIDAeBgNVBAMTF3dlYkNBUkVTIFJvb3QgT0NT
UCAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9rWdRgsAzR5s
LWjcGTeeLxeEjLSB6JlLYNkZex4gB8f8LOl6kfXyQ+m4TxELwUcBA4cPabORpaVz
EsGYAQ2wFaKkdtdLIst8jvTJZ9mXoXpMDMdaHwZeu6rO2IRIx+KH8t5livBt7xr0
kMXFlyupVfWe77zMpgFd32rFW/dkru1QMt6caGD7j641Rw4AIumom9ujkl4H2CqS
P/xR8zO+JwBMlnGxXEPgH/MRsaiRrpZ+ZJ/DW8VkfZelhI9MBzW+6TFfst3ijrQl
nW6yxV8UVGQ90PXslh7MueNgbVoJdHw3vn1zOdBfXCxBMqH7vf33B/86Bj/nbjR1
bITTJZyZGXEOERu189deSyNJJGrUF5fvQgA6m3qA643d5N0n5qsJgaKX0DxmO3zS
VS3wQUnY3vgrOe5EvUpleBbB5Yy46gmC0rdYEc8ZRML3G39u7qoFEu3gF4Dd78NB
KodOoa7hrqT1SNtFXmJPj15joJqvx3qvBTblLdUAOTlxjTOKJJCxlNn10wwgy0wy
BstzzxFSXoTm8XrShCLTYSHT4oPJmUD34gZVNIwmw4usG25LtvPVwDnw4oST2uaD
TQSujakQ16vgLV3XyJ1lmyRiHGMi/ER3fHS+YUmCkOWEdv5UwWLSlkYW4bYGRLMf
xjTxd/61w87cJqP/Jwpa85s7f9Cz3/8CAwEAAaOCASgwggEkMBsGCSsGAQQBgjcV
CgQOMAwwCgYIKwYBBQUHAwkwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYBBQUH
MAEFBAIFADAdBgNVHQ4EFgQUY9Xk5tnwgkM266ULQ4beY4o9f2Ywgb8GA1UdIwSB
tzCBtIAU5Q1kcZ3JUunAmyppM8CTfPOB9d+hgYmkgYYwgYMxCzAJBgNVBAYTAlVT
MQswCQYDVQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9w
ZW4gQWNjZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxHjAcBgNVBAMT
FU9BVEkgV2ViQ0FSRVMgUm9vdCBDQYIQAldiBmp1YIdPkAS/ocgoQTANBgkqhkiG
9w0BAQsFAAOCAgEAq36Wzs3WbL04hYJRjSnRkzTVLupCV4fjO1cS2RSG1hkyBn6U
tgU1CntENUV4iVMl11Rmn+h4Kkdt+3gH/zWmDqOV5VkiuVNoxTfMyqy6o66OBRZg
EqS4D17ae57BTF9/Vk8bvww1NaewJiyyHQD2V7284KU4HxHiH0bpg5nXgrfVvJop
qcvPOI8AZQssIBKwxec2SKso3at1asqi8Xwwwgvs5+VIYePIXYWsdRCCEiec8Afw
bISxGxLajuXZu+YDHmHSf8/oEG8Tz6kqExtP/lPMAerEz++528Ah3UywcWPEX2UQ
Z+nfsoPT4UOXaLRpceumGNFgc4aYrpFMxZMEbebNuPSKCLUt0wxdyjx33rGQcbuq
QEcqr2USoOpmqj8fjFHaz7Lgu295VI0nCJj5wnsOpzOqKNE9PbYhmCyZkpXko04k
sPo6lMqnvYkNSUm5MmLx7qvY4XFCG2rNsST0lATFR7pd1h4S2Trn14kxsbL1h3s8
3+VGyNk6ibpH2dmn3TUGjQ6mn/AR/ki48JjDfWld+2YaYLfNxY6dWKBJYNYeKOfa
04P+mZV8JHIpfTrqqj268H33whqjL6bmBGtI7CAum6ztGcoazZ4SkHy5MttjuDps
cykFo2jEoN6Gpup0yRSDDa3MeU0u6iSu3EJXjBzN/cHzonR0rBkMSZ3/1Es=
-----END CERTIFICATE-----



Raw OCSP response headers


Cache-Control: [max-age=900]
Content-Length: 
[2453]
Content-Type: [application/ocsp-response]
Date: [Tue, 08 Dec 2015 
15:42:46 GMT]
Etag: ["cbc493a5ec695ce5fd69017529681c20"]
Expires: [Thu, 11 
Feb 2016 04:57:23 GMT]
Last-Modified: [Tue, 10 Nov 2015 16:37:23 
GMT]
Server: [Microsoft-IIS/7.5]
X-Powered-By: [ASP.NET ARR/2.5 
ASP.NET]


    
  
  • OCSP signing 
  certificate is already valid 
  
  • OCSP signing 
  certificate is not expired 
  
  • OCSP signing 
  certificate does not expire before NextUpdate 
  
  • OCSP signing 
  certificate does contain the Extended Key Usage for OCSP Signing 
  
  • OCSP signing 
  certificate does contain the OCSP No Check extension 
  
  • Content-Type in 
  response is set to 'application/ocsp-response' 
  
  • Response is 
  already valid 
  
  • Response is not 
  expired 
  
  • Revocation information is updated at least once every 
  twelve months 
  
  • The value of the NextUpdate field is not more than 
  twelve months beyond the value of the ThisUpdate field 
  
  • Last-Modified header is the same as ThisUpdate (RFC 
  5019, section 6.2) 
  
  • NextUpdate is 
  after the date in the Expires cache header 
  
  • The 
  Cache-Control max-age header does not outlive NextUpdate 
  
  • ThisUpdate has a 
  date before NextUpdate 
  
  • Expires cache header is the same as the NextUpdate field 
  (RFC 5019 section 6.2) 




This OCSP response was cached at 




http://ocsp.oaticerts.com/ocsp 
(GET)Good






OCSP response information


Source: Authority Information Access 
in Certificate
Location: http://ocsp.oaticerts.com/ocsp 
(GET)
Size: 2453 bytes (DER data)
Response 
time: 379.533097ms
Signature algorithm: 
SHA256WithRSA
Signature type: CA Deligated
Signed 
by: webCARES Root OCSP 2015
Issued by: OATI 
WebCARES Root CA
Reported statuses: 1
This 
update: 
Next update: 
Produced at: 
Status: Good


Relevant server response headers


Date: 
Last Modified: 
Expires: 
Cache Control Max-age: 15m0s


Server and network information


Server Software: 
Microsoft-IIS/7.5




URL used for GET request
http://ocsp.oaticerts.com/ocsp/MEswSTBHMEUwQzAJBgUrDgMCGgUABBSJE5WxzDWUZmQ%2BQersXD3DbQZ2lwQUo%2F%2FFSuzLXJTV4MiGXuP9tGvhg84CCkmx4fgAAAAAABI%3D


Raw OCSP request (PEM 
encoded)
-----BEGIN OCSP REQUEST-----
MEswSTBHMEUwQzAJBgUrDgMCGgUABBSJE5WxzDWUZmQ+QersXD3DbQZ2lwQUo//F
SuzLXJTV4MiGXuP9tGvhg84CCkmx4fgAAAAAABI=
-----END OCSP REQUEST-----



Raw OCSP response (PEM encoded)
-----BEGIN OCSP RESPONSE-----
MIIJkQoBAKCCCYowggmGBgkrBgEFBQcwAQEEggl3MIIJczCBmKIWBBRj1eTm2fCC
QzbrpQtDht5jij1/ZhgPMjAxNTExMTkxMzU5MjhaMG0wazBDMAkGBSsOAwIaBQAE
FIkTlbHMNZRmZD5B6uxcPcNtBnaXBBSj/8VK7MtclNXgyIZe4/20a+GDzgIKSbHh
+AAAAAAAEoAAGA8yMDE1MTExMDE2MzcyM1qgERgPMjAxNjAyMTEwNDU3MjNaMA0G
CSqGSIb3DQEBCwUAA4ICAQCujEGS6F26nGXH4sDcyeYs0B7SYmKEm6qUiBXwJ/Tv
RrrvEYfDBiSPDZu0jGJHIjA+1LsmaeoKN0KjYEY0MKd1f/ipQFRyNfwJSaL0GZEa
0vzZEIz9ISiXRgR8cyagzNq6hMHlUnZ7z24CY2hrDX1sh5RcZfys7aSbS8U2cdfx
p3QZV29a+UdIbmDnmS6RkWWoMs2dfiFMVh2pdPzb4caUb9b/LCSg2TAf8bpRQwZW
n54Aoyo7uTDeswx/oc3B2/d1we96+LaGPtNW3i5PI2i7xWiICcnzoeQbLnwXSYhk
1Yvo6hwt8n7k8SlhuGc0ywKfQh774z1WpwJaf1qhjyriqiTjrUZj8Vr0Mzz3HYxb
pF3ZfSLlVm3F9qJAt70FH1dDSnW3pwdMoYmNzdNtHLIeQD6OAE6in1Ud+iyVLb+k
7sci0SmGRMMwaXPqCNaaa1nMO9+LP739aHCuK0LHVhU4KxxBu7voJlLN06FuCU6N
GoI9x8Z8QJHdS4CvNnurYkUCGpB1NWlKuim+vusDumgc55EBv2vRbzbOsiDWxaoW
De7YkFanTGMg/SAeRrS/VQiOyXkR6Cy18vsBmrngNdRDN9R8zAdlahBH4569BDDe
o2JQ3149jrXPYzapGnxieYFMscPNzBTRk5DXKOrIcULCocpjCpk18m4r4TA6Fslz
0aCCBsAwgga8MIIGuDCCBKCgAwIBAgIKJVtaoQAAAAAAGTANBgkqhkiG9w0BAQsF
ADCBgzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1OMRQwEgYDVQQHEwtNaW5uZWFw
b2xpczExMC8GA1UEChMoT3BlbiBBY2Nlc3MgVGVjaG5vbG9neSBJbnRlcm5hdGlv
bmFsIEluYzEeMBwGA1UEAxMVT0FUSSBXZWJDQVJFUyBSb290IENBMB4XDTE1MTEx
MjE5MzU0NVoXDTE3MTExMjE5NDU0NVowgYUxCzAJBgNVBAYTAlVTMQswCQYDVQQI
EwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9wZW4gQWNjZXNz
IFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxIDAeBgNVBAMTF3dlYkNBUkVT
IFJvb3QgT0NTUCAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
9rWdRgsAzR5sLWjcGTeeLxeEjLSB6JlLYNkZex4gB8f8LOl6kfXyQ+m4TxELwUcB
A4cPabORpaVzEsGYAQ2wFaKkdtdLIst8jvTJZ9mXoXpMDMdaHwZeu6rO2IRIx+KH
8t5livBt7xr0kMXFlyupVfWe77zMpgFd32rFW/dkru1QMt6caGD7j641Rw4AIumo
m9ujkl4H2CqSP/xR8zO+JwBMlnGxXEPgH/MRsaiRrpZ+ZJ/DW8VkfZelhI9MBzW+
6TFfst3ijrQlnW6yxV8UVGQ90PXslh7MueNgbVoJdHw3vn1zOdBfXCxBMqH7vf33
B/86Bj/nbjR1bITTJZyZGXEOERu189deSyNJJGrUF5fvQgA6m3qA643d5N0n5qsJ
gaKX0DxmO3zSVS3wQUnY3vgrOe5EvUpleBbB5Yy46gmC0rdYEc8ZRML3G39u7qoF
Eu3gF4Dd78NBKodOoa7hrqT1SNtFXmJPj15joJqvx3qvBTblLdUAOTlxjTOKJJCx
lNn10wwgy0wyBstzzxFSXoTm8XrShCLTYSHT4oPJmUD34gZVNIwmw4usG25LtvPV
wDnw4oST2uaDTQSujakQ16vgLV3XyJ1lmyRiHGMi/ER3fHS+YUmCkOWEdv5UwWLS
lkYW4bYGRLMfxjTxd/61w87cJqP/Jwpa85s7f9Cz3/8CAwEAAaOCASgwggEkMBsG
CSsGAQQBgjcVCgQOMAwwCgYIKwYBBQUHAwkwEwYDVR0lBAwwCgYIKwYBBQUHAwkw
DwYJKwYBBQUHMAEFBAIFADAdBgNVHQ4EFgQUY9Xk5tnwgkM266ULQ4beY4o9f2Yw
gb8GA1UdIwSBtzCBtIAU5Q1kcZ3JUunAmyppM8CTfPOB9d+hgYmkgYYwgYMxCzAJ
BgNVBAYTAlVTMQswCQYDVQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAv
BgNVBAoTKE9wZW4gQWNjZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMx
HjAcBgNVBAMTFU9BVEkgV2ViQ0FSRVMgUm9vdCBDQYIQAldiBmp1YIdPkAS/ocgo
QTANBgkqhkiG9w0BAQsFAAOCAgEAq36Wzs3WbL04hYJRjSnRkzTVLupCV4fjO1cS
2RSG1hkyBn6UtgU1CntENUV4iVMl11Rmn+h4Kkdt+3gH/zWmDqOV5VkiuVNoxTfM
yqy6o66OBRZgEqS4D17ae57BTF9/Vk8bvww1NaewJiyyHQD2V7284KU4HxHiH0bp
g5nXgrfVvJopqcvPOI8AZQssIBKwxec2SKso3at1asqi8Xwwwgvs5+VIYePIXYWs
dRCCEiec8AfwbISxGxLajuXZu+YDHmHSf8/oEG8Tz6kqExtP/lPMAerEz++528Ah
3UywcWPEX2UQZ+nfsoPT4UOXaLRpceumGNFgc4aYrpFMxZMEbebNuPSKCLUt0wxd
yjx33rGQcbuqQEcqr2USoOpmqj8fjFHaz7Lgu295VI0nCJj5wnsOpzOqKNE9PbYh
mCyZkpXko04ksPo6lMqnvYkNSUm5MmLx7qvY4XFCG2rNsST0lATFR7pd1h4S2Trn
14kxsbL1h3s83+VGyNk6ibpH2dmn3TUGjQ6mn/AR/ki48JjDfWld+2YaYLfNxY6d
WKBJYNYeKOfa04P+mZV8JHIpfTrqqj268H33whqjL6bmBGtI7CAum6ztGcoazZ4S
kHy5MttjuDpscykFo2jEoN6Gpup0yRSDDa3MeU0u6iSu3EJXjBzN/cHzonR0rBkM
SZ3/1Es=
-----END OCSP RESPONSE-----



Raw 
OCSP Signing Certificate (PEM encoded)
-----BEGIN CERTIFICATE-----
MIIGuDCCBKCgAwIBAgIKJVtaoQAAAAAAGTANBgkqhkiG9w0BAQsFADCBgzELMAkG
A1UEBhMCVVMxCzAJBgNVBAgTAk1OMRQwEgYDVQQHEwtNaW5uZWFwb2xpczExMC8G
A1UEChMoT3BlbiBBY2Nlc3MgVGVjaG5vbG9neSBJbnRlcm5hdGlvbmFsIEluYzEe
MBwGA1UEAxMVT0FUSSBXZWJDQVJFUyBSb290IENBMB4XDTE1MTExMjE5MzU0NVoX
DTE3MTExMjE5NDU0NVowgYUxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNTjEUMBIG
A1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9wZW4gQWNjZXNzIFRlY2hub2xv
Z3kgSW50ZXJuYXRpb25hbCBJbmMxIDAeBgNVBAMTF3dlYkNBUkVTIFJvb3QgT0NT
UCAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9rWdRgsAzR5s
LWjcGTeeLxeEjLSB6JlLYNkZex4gB8f8LOl6kfXyQ+m4TxELwUcBA4cPabORpaVz
EsGYAQ2wFaKkdtdLIst8jvTJZ9mXoXpMDMdaHwZeu6rO2IRIx+KH8t5livBt7xr0
kMXFlyupVfWe77zMpgFd32rFW/dkru1QMt6caGD7j641Rw4AIumom9ujkl4H2CqS
P/xR8zO+JwBMlnGxXEPgH/MRsaiRrpZ+ZJ/DW8VkfZelhI9MBzW+6TFfst3ijrQl
nW6yxV8UVGQ90PXslh7MueNgbVoJdHw3vn1zOdBfXCxBMqH7vf33B/86Bj/nbjR1
bITTJZyZGXEOERu189deSyNJJGrUF5fvQgA6m3qA643d5N0n5qsJgaKX0DxmO3zS
VS3wQUnY3vgrOe5EvUpleBbB5Yy46gmC0rdYEc8ZRML3G39u7qoFEu3gF4Dd78NB
KodOoa7hrqT1SNtFXmJPj15joJqvx3qvBTblLdUAOTlxjTOKJJCxlNn10wwgy0wy
BstzzxFSXoTm8XrShCLTYSHT4oPJmUD34gZVNIwmw4usG25LtvPVwDnw4oST2uaD
TQSujakQ16vgLV3XyJ1lmyRiHGMi/ER3fHS+YUmCkOWEdv5UwWLSlkYW4bYGRLMf
xjTxd/61w87cJqP/Jwpa85s7f9Cz3/8CAwEAAaOCASgwggEkMBsGCSsGAQQBgjcV
CgQOMAwwCgYIKwYBBQUHAwkwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYBBQUH
MAEFBAIFADAdBgNVHQ4EFgQUY9Xk5tnwgkM266ULQ4beY4o9f2Ywgb8GA1UdIwSB
tzCBtIAU5Q1kcZ3JUunAmyppM8CTfPOB9d+hgYmkgYYwgYMxCzAJBgNVBAYTAlVT
MQswCQYDVQQIEwJNTjEUMBIGA1UEBxMLTWlubmVhcG9saXMxMTAvBgNVBAoTKE9w
ZW4gQWNjZXNzIFRlY2hub2xvZ3kgSW50ZXJuYXRpb25hbCBJbmMxHjAcBgNVBAMT
FU9BVEkgV2ViQ0FSRVMgUm9vdCBDQYIQAldiBmp1YIdPkAS/ocgoQTANBgkqhkiG
9w0BAQsFAAOCAgEAq36Wzs3WbL04hYJRjSnRkzTVLupCV4fjO1cS2RSG1hkyBn6U
tgU1CntENUV4iVMl11Rmn+h4Kkdt+3gH/zWmDqOV5VkiuVNoxTfMyqy6o66OBRZg
EqS4D17ae57BTF9/Vk8bvww1NaewJiyyHQD2V7284KU4HxHiH0bpg5nXgrfVvJop
qcvPOI8AZQssIBKwxec2SKso3at1asqi8Xwwwgvs5+VIYePIXYWsdRCCEiec8Afw
bISxGxLajuXZu+YDHmHSf8/oEG8Tz6kqExtP/lPMAerEz++528Ah3UywcWPEX2UQ
Z+nfsoPT4UOXaLRpceumGNFgc4aYrpFMxZMEbebNuPSKCLUt0wxdyjx33rGQcbuq
QEcqr2USoOpmqj8fjFHaz7Lgu295VI0nCJj5wnsOpzOqKNE9PbYhmCyZkpXko04k
sPo6lMqnvYkNSUm5MmLx7qvY4XFCG2rNsST0lATFR7pd1h4S2Trn14kxsbL1h3s8
3+VGyNk6ibpH2dmn3TUGjQ6mn/AR/ki48JjDfWld+2YaYLfNxY6dWKBJYNYeKOfa
04P+mZV8JHIpfTrqqj268H33whqjL6bmBGtI7CAum6ztGcoazZ4SkHy5MttjuDps
cykFo2jEoN6Gpup0yRSDDa3MeU0u6iSu3EJXjBzN/cHzonR0rBkMSZ3/1Es=
-----END CERTIFICATE-----



Raw OCSP response headers


Cache-Control: [max-age=900]
Content-Length: 
[2453]
Content-Type: [application/ocsp-response]
Date: [Tue, 08 Dec 2015 
15:42:45 GMT]
Etag: ["f709f214617560157ef21d873bae5515"]
Expires: [Thu, 11 
Feb 2016 04:57:23 GMT]
Last-Modified: [Tue, 10 Nov 2015 16:37:23 
GMT]
Server: [Microsoft-IIS/7.5]
X-Powered-By: [ASP.NET ARR/2.5 
ASP.NET]


    
  
  • OCSP signing 
  certificate is already valid 
  
  • OCSP signing 
  certificate is not expired 
  
  • OCSP signing 
  certificate does not expire before NextUpdate 
  
  • OCSP signing 
  certificate does contain the Extended Key Usage for OCSP Signing 
  
  • OCSP signing 
  certificate does contain the OCSP No Check extension 
  
  • Content-Type in 
  response is set to 'application/ocsp-response' 
  
  • Response is 
  already valid 
  
  • Response is not 
  expired 
  
  • Revocation information is updated at least once every 
  twelve months 
  
  • The value of the NextUpdate field is not more than 
  twelve months beyond the value of the ThisUpdate field 
  
  • Last-Modified header is the same as ThisUpdate (RFC 
  5019, section 6.2) 
  
  • NextUpdate is 
  after the date in the Expires cache header 
  
  • The 
  Cache-Control max-age header does not outlive NextUpdate 
  
  • ThisUpdate has a 
  date before NextUpdate 
  
  • Expires cache header is the same as the NextUpdate field 
  (RFC 5019 section 6.2) 




Check the revocation status for 
another website


Created by Paul van Brouwershaven (Follow me on 
Google+)