TLS/SSL certificate check


Port to connect on:
Secure HTTP / HTTPS - port 443 Secured SMTP - port 465 Secured IMAP - port 993 Secured POP3 - port 995

TLS/SSL check of 'revoked.badssl.com'

End-Entity certificate verification error

Certificat 'revoked.badssl.com' FAILED the verification

Summary


Host:
revoked.badssl.com, 104.154.89.105, port 443


Protocols:
All good
 3 supported protocols: TLS 1.2, TLS 1.1, TLS 1.0


Certificate:
Failed
 Certificate 'revoked.badssl.com': Certificate is revoked (Revoked)

Protocol support



Protocol support:
TLS 1.3
No support
TLS 1.2
Supported
TLS 1.1
Supported
TLS 1.0
Supported
SSL 3.0
No support
SSL 2.0
No support

Verification:
TLS 1.2 is supported
 
It is noteworthy, that TLS 1.3 is not supported. Consider disableing TLS 1.1, 1.0, SSL3 and SSL2 - as of March 2021, TLS 1.1 and 1.0 was officially deprecated, and as of June 2015 SSL3 and SSL2 was deprecated. Use of either protocol is not recomended

Chain of certificates

3 of 3 - End-Entity
revoked.badssl.com

Certificat:
revoked.badssl.com

Issued by:
E6, Let's Encrypt, US

Valid:
From 2025-07-01 to 2025-09-29

Verification:
Certificate is revoked (Revoked)
 

SAN's:
revoked.badssl.com

Key:
ECC
Signature algorithm:
sha384ECDSA

Serial:
06E9E23EE32684030A2FF3ADCD7AC8A44F9B

PEM format:
Click to see certificate as PEM (modal)

2 of 3 - Intermediate
E6

Certificat:
E6, Let's Encrypt, US

Issued by:
ISRG Root X1, Internet Security Research Group, US

Valid:
From 2024-03-13 to 2027-03-12

Verification:
Certificate is verified okay

Key:
ECC
Signature algorithm:
sha256RSA

Serial:
00B0573E9173972770DBB487CB3A452B38

PEM format:
Click to see certificate as PEM (modal)

1 of 3 - Root certificate
ISRG Root X1

Certificat:
ISRG Root X1, Internet Security Research Group, US

Issued by:
ISRG Root X1, Internet Security Research Group, US

Valid:
From 2015-06-04 to 2035-06-04

Verification:
Certificate is verified okay

Key:
RSA, 4096 bit
Signature algorithm:
sha256RSA

Serial:
008210CFB0D240E3594463E0BB63828B00

PEM format:
Click to see certificate as PEM (modal)

Root Store trust

ISRG Root X1

Issued by:
Internet Security Research Group

Root Store trust:
The root certificte is trustet by ALL major trusted root certificate stores

Microsoft:
Root Certificate is fully trusted by Microsoft (Windows)

Apple:
Root Certificate is fully is trusted by Apple (iOS, iPadOS, macOS)

Android:
Root Certificate is fully is trusted by Android

API

You may perform this lookup using the API and get the results as easy-to-parse JSON data.

Read more on the API at https://iamroot.tech/about/api (regarding authentication and rate limits, among other things), or give it a go right away using the 'try it' button.

 
GET
 https://iamroot.tech/ssl-certificate-check/api/?host=revoked.badssl.com&hostPort= copy try it
 

Log

116+116
  • Host 'revoked.badssl.com' resolved in 115ms
116+000
  • Check protocols
116+000
  • Start SSL 2.0 protocol check, revoked.badssl.com, port 443
117+000
  • Start TLS 1.3 protocol check, revoked.badssl.com, port 443
117+000
  • Start TLS 1.2 protocol check, revoked.badssl.com, port 443
117+000
  • Start TLS 1.1 protocol check, revoked.badssl.com, port 443
117+000
  • Start TLS 1.0 protocol check, revoked.badssl.com, port 443
118+000
  • Start SSL 3.0 protocol check, revoked.badssl.com, port 443
148+030
  • Protocol check of SSL 3.0 done in 30ms - failed
    Unable to authenticate connection using SSL 3.0
148+032
  • Protocol check of SSL 2.0 done in 31ms - failed
    Unable to authenticate connection using SSL 2.0
179+062
  • Protocol check of TLS 1.3 done in 62ms - failed
    Unable to authenticate connection using TLS 1.3
207+090
  • Protocol check of TLS 1.2 done in 90ms - all good
209+092
  • Protocol check of TLS 1.0 done in 91ms - all good
211+094
  • Protocol check of TLS 1.1 done in 93ms - all good
211+063
  • TLS 1.2 is supported
    It is noteworthy, that TLS 1.3 is not supported. Consider disableing TLS 1.1, 1.0, SSL3 and SSL2 - as of March 2021, TLS 1.1 and 1.0 was officially deprecated, and as of June 2015 SSL3 and SSL2 was deprecated. Use of either protocol is not recomended
211+000
  • Done
211+000
  • Check certificate
211+000
  • Load and verify chain of certificates
325+114
  • Full chain of certificates has been loaded and verified in 113ms.
325+000
  • ERREnd-Entity certificate verification error
    Certificat 'revoked.badssl.com' FAILED the verification
325+000
  • Host 'revoked.badssl.com' is matching Subject/SAN 'revoked.badssl.com' of certificate. All good!
325+000
  • Intermediate certificate verification success
    Certificat 'E6' SUCCEDED the verification.
325+000
  • Root certificate verification success
    Certificat 'ISRG Root X1' SUCCEDED the verification.
325+000
  • Check root store status of root certificate
326+001
  • Trustet by all major trusted root certificate stores
    The root certificte is trustet by ALL major trusted root certificate stores
326+000
  • Done
326+000
  • Done
326+000
  • Done

How do you feel about iamroot.tech?

(done in 5 seconds)