Certificate Chain Deep Dive

Comprehensive certificate chain validation and CRL revocation analysis.

HTTPS://

Try these examples:

✅ Valid Chain ❌ Revoked Certificate ⚠️ Incomplete Chain

revoked-rsa-dv.ssl.com

8/5/2025, 3:38:51 pm UTC

Certificate Chain Validation

❌ Certificate chain has issues that may prevent browsers from trusting it.

Issues:

  • Certificate 'revoked-rsa-dv.ssl.com' is REVOKED

Warnings:

  • Root certificate included in chain (not necessary but harmless)

Certificate Details

End Entity

Leaf Certificate
Download PEM
Subject: revoked-rsa-dv.ssl.com
Issuer: SSL.com RSA SSL subCA
Serial (Decimal): 75229841967580571136316150793307816534
Serial (Hex): 3898BD93BF32C3FCCBF729E08A920256

Valid From: 2025-06-09 14:51:24

Valid Until: 2026-07-10 14:51:24

Signature: RSA-SHA256

Version: 3

OCSP URLs:
http://ocsps.ssl.com
CRL Revocation Status:

❌ Certificate is REVOKED (found in CRL)

CRL size: 64036 bytes

CRL URL

http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl

Intermediate CA

Download PEM
Subject: SSL.com RSA SSL subCA
Issuer: SSL.com Root Certification Authority RSA
Serial (Decimal): 691281723435976700
Serial (Hex): 0997ED109D1F07FC

Valid From: 2016-02-12 18:48:52

Valid Until: 2031-02-12 18:48:52

Signature: RSA-SHA256

Version: 3

Root CA

Download PEM
Subject: SSL.com Root Certification Authority RSA
Issuer: SSL.com Root Certification Authority RSA
Serial (Decimal): 8875640296558310041
Serial (Hex): 7B2C9BD316803299

Valid From: 2016-02-12 17:39:39

Valid Until: 2041-02-12 17:39:39

Signature: RSA-SHA256

Version: 3