SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | close Yes (expired 11 days ago) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
DNS Information
| Resolves To: | 129.121.30.155 |
| Reverse IP lookup: | ip-129-121-30-155.local. |
| Nameserver: | ns2.arvixeshared.com. |
| Nameserver: | ns1.arvixeshared.com. |
General Information
| Common Name: | belowcost.net |
| SANs: | DNS:belowcost.netDNS:www.belowcost.net Total number of SANs: 2 |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 226f49d730d552c2500bcc54a1c583d1 |
| Not Before: | Jan 12, 2020 00:00:00 GMT |
| Not After: | Jan 11, 2021 23:59:59 GMT |
| Number of certs: | 3 |
| Revocation Status: | This check is not applicable to expired certificates |
| OCSP Stapling: | Not Supported |
| Server: | Apache |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: belowcost.net
Decode this certificate for verbose information → launch| Subject Common Name | belowcost.net |
| Issuer Common Name | Sectigo RSA Domain Validation Secure Server CA |
| Issuer Organization | Sectigo Limited |
| Not Before: | Jan 12, 2020 00:00:00 GMT |
| Not After: | Jan 11, 2021 23:59:59 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 226f49d730d552c2500bcc54a1c583d1 |
| SHA1 Fingerprint: | 53:10:F6:A0:95:1F:16:78:4D:87:91:3C:3F:9E:A1:4D:C4:27:98:AD |
| MD5 Fingerprint: | AF:82:05:5F:51:0C:5D:F0:FC:F9:49:95:CC:17:FA:1E |
Certificate # 2 - Common Name: Sectigo RSA Domain Validation Secure Server CA
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | Sectigo RSA Domain Validation Secure Server CA |
| Subject Organization | Sectigo Limited |
| Issuer Common Name | USERTrust RSA Certification Authority |
| Issuer Organization | The USERTRUST Network |
| Not Before: | Nov 02, 2018 00:00:00 GMT |
| Not After: | Dec 31, 2030 23:59:59 GMT |
| Signature Algorithm: | sha384WithRSAEncryption |
| Serial Number: | 7d5b5126b476ba11db74160bbc530da7 |
| SHA1 Fingerprint: | 33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB |
| MD5 Fingerprint: | AD:AB:5C:4D:F0:31:FB:92:99:F7:1A:DA:7E:18:F6:13 |
Certificate # 3 - Common Name: USERTrust RSA Certification Authority
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | USERTrust RSA Certification Authority |
| Subject Organization | The USERTRUST Network |
| Issuer Common Name | AddTrust External CA Root |
| Issuer Organization | AddTrust AB |
| Not Before: | May 30, 2000 10:48:38 GMT |
| Not After: | May 30, 2020 10:48:38 GMT |
| Signature Algorithm: | sha384WithRSAEncryption |
| Serial Number: | 13ea28705bf4eced0c36630980614336 |
| SHA1 Fingerprint: | EA:B0:40:68:9A:0D:80:5B:5D:6F:D6:54:FC:16:8C:FF:00:B7:8B:E3 |
| MD5 Fingerprint: | DB:78:CB:D1:90:95:27:35:D9:40:BC:80:AC:24:32:C0 |
OpenSSL Handshake
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify return:1
depth=0 CN = belowcost.net
verify error:num=10:certificate has expired
notAfter=Jan 11 23:59:59 2021 GMT
verify return:1
depth=0 CN = belowcost.net
notAfter=Jan 11 23:59:59 2021 GMT
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
0 s:/CN=belowcost.net
i:/C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Domain Validation Secure Server CA
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIQIm9J1zDVUsJQC8xUocWD0TANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTIwMDExMjAwMDAwMFoXDTIxMDExMTIzNTk1OVowGDEWMBQGA1UEAxMNYmVs
b3djb3N0Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANjj1/f2
1zbbpnCzRHiamiZDIYL5hxmkVC5htI9A7KN2SbhexSew1Jyzojiul9wNB9NoPjkw
vaisb8WRKZ19bhxLheIbZPRbt9I/646+fhVR6sDWjtC/NOucHxSf5A+WYgpaZ8Sr
RVmsG4NfkqgMIL5+huwhHpsmX5Qjh/+OnfUTbLAYPxh2MSO/y7xR1eEXF+DuY9kG
GQNzjvZeekZM2qikjeuJBc0tF26C+VmPEPbi7Z8XClwfXgsJcPZDBLVl3drsW9OQ
QB+LXyV9rsJeMUXiZEWukitBI5Nr4Xls6W1eDcpmXZ3dkWWRqT6INZ6Tuo2OwVbL
AxAZYtyLRs0HTmkCAwEAAaOCAogwggKEMB8GA1UdIwQYMBaAFI2MXsRUrYrhd+mb
+ZsF4bgBjWHhMB0GA1UdDgQWBBTbG/TT7W0BKN1Cz/roMZ89sL1mhDAOBgNVHQ8B
Af8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIBFhdo
dHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEBBHgw
djBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNB
RG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYX
aHR0cDovL29jc3Auc2VjdGlnby5jb20wKwYDVR0RBCQwIoINYmVsb3djb3N0Lm5l
dIIRd3d3LmJlbG93Y29zdC5uZXQwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgB9
PvL4j/+IVWgkwsDKnlKJeSvFDngJfy5ql2iZfiLw1wAAAW+alfAcAAAEAwBHMEUC
IDy7SATTdjBn3LJRBLH0dcMV5ksOiB7pp5pMq16bgXpeAiEA/YkGoV3Y7A2nX2qe
O+QgovyALk8eq2MIeL5DbWzqo8AAdgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/
0zOWtbaBqAAAAW+ale34AAAEAwBHMEUCIQC5qElWqFxCtgxEhu4WM71o0HJcqYWh
PjrPeF1d7D1MngIgRcu1e9ql2gd0d2Rf7DeiEcVPao8Yo8FU7sIvZmieMFcwDQYJ
KoZIhvcNAQELBQADggEBAF98ZrHd1cPwv/KOoQBG1CtJHsdjZv7c8ViUgAIcEer4
07mozSe2OHu7P9igYPFdPx7PRBt5iUqeSBvOPzekFCgvYpuuUupi8buSElGoZMd1
YRnUalNsLMI8SZXCa/bethYAc6ZKD6CpzNgno07SkNsf9KktsxDsWMbn5NqVaSNq
/gGzNsyqa41SzkbUMyoWB4CzF3Mv3DLgCerD91IeSBLoR3wtsWqlKM1WaTT7dQZh
PR1+YWgigz5YWSpzj7zPAkKHRZvQHtgZpCy1K8meLlDkkLsSi7vXpybvzOcW0B90
1eDnExZ8+qynH6t1FE+QyfAADNj0UxkTc3pbeu2/4LM=
-----END CERTIFICATE-----
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Domain Validation Secure Server CA
i:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
-----BEGIN CERTIFICATE-----
MIIGEzCCA/ugAwIBAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBjzELMAkGA1UEBhMCR0IxGzAZBgNV
BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE
ChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4g
VmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1nMz1tc8INAA0hdFuNY+B6I/x0HuMjDJsGz99J/LEpgPLT+N
TQEMgg8Xf2Iu6bhIefsWg06t1zIlk7cHv7lQP6lMw0Aq6Tn/2YHKHxYyQdqAJrkj
eocgHuP/IJo8lURvh3UGkEC0MpMWCRAIIz7S3YcPb11RFGoKacVPAXJpz9OTTG0E
oKMbgn6xmrntxZ7FN3ifmgg0+1YuWMQJDgZkW7w33PGfKGioVrCSo1yfu4iYCBsk
Haswha6vsC6eep3BwEIc4gLw6uBK0u+QDrTBQBbwb4VCSmT3pDCg/r8uoydajotY
uK3DGReEY+1vVv2Dy2A0xHS+5p3b4eTlygxfFQIDAQABo4IBbjCCAWowHwYDVR0j
BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFI2MXsRUrYrhd+mb
+ZsF4bgBjWHhMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAw
CAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0
LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2Bggr
BgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNv
bS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDov
L29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAMr9hvQ5Iw0/H
ukdN+Jx4GQHcEx2Ab/zDcLRSmjEzmldS+zGea6TvVKqJjUAXaPgREHzSyrHxVYbH
7rM2kYb2OVG/Rr8PoLq0935JxCo2F57kaDl6r5ROVm+yezu/Coa9zcV3HAO4OLGi
H19+24rcRki2aArPsrW04jTkZ6k4Zgle0rj8nSg6F0AnwnJOKf0hPHzPE/uWLMUx
RP0T7dWbqWlod3zu4f+k+TY4CFM5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLv
xvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38
sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyAL
l6lFhd2zi+WJN44pDfwGF/Y4QA5C5BIG+3vzxhFoYt/jmPQT2BVPi7Fp2RBgvGQq
6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhY
LcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5
yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K
00u/I5sUKUErmgQfky3xxzlIPK1aEn8=
-----END CERTIFICATE-----
2 s:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIQE+oocFv07O0MNmMJgGFDNjANBgkqhkiG9w0BAQwFADBv
MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF
eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow
gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAgBJlFzYOw9sIs9CsVw127c0n00yt
UINh4qogTQktZAnczomfzD2p7PbPwdzx07HWezcoEStH2jnGvDoZtF+mvX2do2NC
tnbyqTsrkfjib9DsFiCQCT7i6HTJGLSR1GJk23+jBvGIGGqQIjy8/hPwhxR79uQf
jtTkUcYRZ0YIUcuGFFQ/vDP+fmyc/xadGL1RjjWmp2bIcmfbIWax1Jt4A8BQOujM
8Ny8nkz+rwWWNR9XWrf/zvk9tyy29lTdyOcSOk2uTIq3XJq0tyA9yn8iNK5+O2hm
AUTnAU5GU5szYPeUvlM3kHND8zLDU+/bqv50TmnHa4xgk97Exwzf4TKuzJM7UXiV
Z4vuPVb+DNBpDxsP8yUmazNt925H+nND5X4OpWaxKXwyhGNVicQNwZNUMBkTrNN9
N6frXTpsNVzbQdcS2qlJC9/YgIoJk2KOtWbPJYjNhLixP6Q5D9kCnusSTJV882sF
qV4Wg8y4Z+LoE53MW4LTTLPtW//e5XOsIzstAL81VXQJSdhJWBp/kjbmUZIO8yZ9
HE0XvMnsQybQv0FfQKlERPSZ51eHnlAfV1SoPv10Yy+xUGUJ5lhCLkMaTLTwJUdZ
+gQek9QmRkpQgbLevni3/GcV4clXhB4PY9bpYrrWX1Uu6lzGKAgEJTm4Diup8kyX
HAc/DVL17e8vgg8CAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTv
A73gJMtUGjAdBgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/
BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1Ud
HwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4
dGVybmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0
dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAJNl9jeD
lQ9ew4IcH9Z35zyKwKoJ8OkLJvHgwmp1ocd5yblSYMgpEg7wrQPWCcR23+WmgZWn
RtqCV6mVksW2jwMibDN3wXsyF24HzloUQToFJBv2FAY7qCUkDrvMKnXduXBBP3zQ
YzYhBx9G/2CkkeFnvN4ffhkUyWNnkepnB2u0j4vAbkN9w6GAbLIevFOFfdyQoaS8
Le9Gclc1Bb+7RrtubTeZtv8jkpHGbkD4jylW6l/VXxRTrPBPYer3IsynVgviuDQf
Jtl7GQVoP7o81DgGotPmjw7jtHFtQELFhLRAlSv0ZaBIefYdgWOWnU914Ph85I6p
0fKtirOMxyHNwu8=
-----END CERTIFICATE-----
---
Server certificate
subject=/CN=belowcost.net
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 5146 bytes and written 333 bytes
Verification error: certificate has expired
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: DF296B5CF1B4276A690E8A0DD808FF9A977B83A3BFCC2339232B8DC79FEBD62E
Session-ID-ctx:
Master-Key: CBE0215DD694B42EC77523B82602D88B08933BFB72164BABC955D70EA4A4EC031B004AB05ED35F969E7CFD607120F98B
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 51 2e c5 f6 f3 69 35 b2-76 91 02 4b e7 77 50 c2 Q....i5.v..K.wP.
0010 - 9f cf 77 28 35 16 e1 97-21 17 d8 55 8f b4 7a 03 ..w(5...!..U..z.
0020 - 17 12 06 d1 32 b4 07 54-69 97 4f e7 9e eb f7 02 ....2..Ti.O.....
0030 - f4 3e 8f f2 78 82 ce 81-95 c0 20 8f 28 ca 6c 75 .>..x..... .(.lu
0040 - c5 70 b6 62 aa f7 66 33-ca b9 10 a1 de 97 4f a0 .p.b..f3......O.
0050 - 53 fe 3a 07 d2 6b 67 fd-97 1a bc 4d b6 0a 31 f6 S.:..kg....M..1.
0060 - e4 19 9a 16 2f b0 7b 2d-fb 7a 7f 5b b4 29 1a b3 ..../.{-.z.[.)..
0070 - ee bc 4c 7a 0f f1 90 67-6f 80 61 61 21 d2 e2 96 ..Lz...go.aa!...
0080 - 25 ef dd 50 cf fd 4d 63-6d 0d 93 b0 04 ae f7 a9 %..P..Mcm.......
0090 - 1a 97 d0 64 0a a9 bb 7c-3d 2f e5 ac b6 ff 13 8e ...d...|=/......
00a0 - 09 a1 b3 d3 17 38 40 25-c7 97 29 5e 8d 2f d1 fb .....8@%..)^./..
00b0 - f3 a9 c6 5f 79 a1 59 44-8e 7b f3 64 d2 68 ee a8 ..._y.YD.{.d.h..
00c0 - 42 62 7b 7a 1e 06 4c eb-a9 7f 99 d8 26 a8 31 1c Bb{z..L.....&.1.
Start Time: 1611309044
Timeout : 7200 (sec)
Verify return code: 10 (certificate has expired)
Extended master secret: no
---
DONE