Knowledge Base

DigiCert Certificate Status IP Addresses

Solution ID : ALERT19

Last Modified : 07/23/2025

This page contains the DigiCert dedicated IP addresses for DigiCert Online Certificate Status Protocol (OCSP), Certificate Revocation List (CRL), and a few other DigiCert services.

How do these IP addresses affect my digital certificate environment?

DigiCert certificate status IPv4 addresses

DigiCert certificate status IPv6 addresses

DigiCert adding new dedicated IPv4 addresses

On September 8, 2025, at 08:00 MST (15:00 UTC), DigiCert will add a secondary CDN (content delivery network) and assign additional IPv4 addresses to our Online Certificate Status Protocol (OCSP), Certificate Revocation List (CRL), and a few other DigiCert services.

If your company uses allowlists to control outbound traffic, update your outbound allowlist on your firewalls, security groups, or proxies to include the new IPv4 addresses below before September 8, 2025. You must do this to keep your DigiCert services running as they were before the addition of the new IPv4 addresses.

IPv4 addresses

162.159.142.7
162.159.142.8
162.159.142.9
162.159.142.10

172.66.2.3
172.66.2.4
172.66.2.5
172.66.2.6

To learn more, see our change log entry for September 8, 2025, DigiCert: Adding a secondary CDN with additional dedicated IP addresses.

How do these IP addresses affect my digital certificate environment?

Do you have DigiCert certificates? Do you use allowlists to control inbound and outbound connectivity to your environment?

Then, check the table below and add the necessary IPv4 addresses to your allowlist. You must allow outbound connectivity to these addresses to verify if a certificate should be trusted.

OCSP and CRL distribution endpoints using any of the following subdomains do not use the IPv4 addresses in the table below:

one.digicert.com
one.nl.digicert.com
one.ch.digicert.com
one.digicert.co.jp
one.oracle.digicert.com.

DigiCert ONE: If your Trust Lifecycle, Software Trust, or Document Trust Manager (USA, CH, NL, JP) uses public certificates from CertCentral Global, CertCentral Europe, or PKI Platform 8, you may want to add these IPv4 addresses to your allowlist.

What are OCSPs and CRLs used for?

Your applications and browsers call one of our OCSP or CRL endpoints to learn the revocation status of a DigiCert certificate, such as a TLS or code signing certificate.

If the certificate is not listed in the CRL and the OCSP status is good, you can trust it to protect the website or verify the code it signed.
If the certificate has been revoked, you should no longer trust it to protect the website or verify the code it signed.

DigiCert certificate status IPv4 addresses

Most of the IPv4 addresses are for the DigiCert OCSPs and CRLs. However, we have included some additional PKI Platform 8 services in the table.

*Note: On September 8, 2025, DigiCert will add these new dedicated IPv4 addresses.

Service	URL	IPv4 addresses
CertCentral Global OCSPs	ocsp.digicert.com status.thawte.com status.geotrust.com status.rapidssl.com kr.ocsp.digicert.com ocsp.digicert-cn.com ocsp.edge.digicert.com ocsp.omniroot.com ocsp1.digicert.com ocsp2.digicert.com ocspx.digicert.com statusd.digitalcertvalidation.com statuse.digitalcertvalidation.com statusf.digitalcertvalidation.com statush.digitalcertvalidation.com www.public-trust.com	162.159.142.7* 162.159.142.8* 162.159.142.9* 162.159.142.10* 172.66.2.3* 172.66.2.4* 172.66.2.5* 172.66.2.6* 2.16.38.4/32 2.16.70.4/32 2.17.51.198/32 2.17.190.73/32 2.22.98.7/32 2.23.77.188/32 2.23.115.184/32 23.4.43.62/32 23.5.103.252/32 23.9.199.253/32 23.9.220.6/32 23.10.239.251/32 23.13.145.132/32 23.15.147.118/32 23.15.192.8/32 23.33.158.241/32 23.33.192.6/32 23.35.47.228/32 23.35.56.86/32 23.35.89.14/32 23.36.55.181/32 23.37.240.161/32 23.38.30.153/32 23.38.59.250/32 23.38.128.228/32 23.39.28.44/32 23.39.81.215/32 23.40.158.218/32 23.42.70.18/32 23.42.196.39/32 23.42.243.6/32 23.46.32.10/32 23.46.247.107/32 23.47.110.142/32 23.49.140.110/32 23.50.21.119/32 23.50.108.3/32 23.51.98.7/32 23.52.56.216/32 23.52.159.218/32 23.53.128.229/32 23.53.193.109/32 23.54.109.203/32 23.54.251.198/32 23.55.136.38/32 23.55.219.177/32 23.58.31.18/32 23.58.191.18/32 23.59.113.152/32 23.60.131.209/32 23.63.20.21/32 23.63.118.230/32 23.64.172.197/32 23.65.15.245/32 23.65.143.158/32 23.66.33.52/32 23.67.160.244/32 23.196.96.159/32 23.196.145.221/32 23.196.193.245/32 23.198.74.242/32 23.201.3.207/32 23.202.3.246/32 23.203.176.221/32 23.204.150.28/32 23.207.17.2/32 23.208.236.42/32 23.210.96.161/32 23.210.163.238/32 23.210.252.238/32 23.212.34.247/32 23.217.147.198/32 23.219.19.250/32 23.221.103.220/32 23.222.208.162/32 59.151.128.10/32 72.247.234.254/32 92.123.159.240/32 96.7.5.228/32 96.16.19.56/32 96.16.241.23/32 104.75.232.13/32 104.78.173.167/32 104.81.99.218/32 104.82.114.5/32 104.83.138.254/32 104.94.127.7/32 118.214.79.16/32 118.214.255.18/32 118.215.103.18/32 184.24.0.227/32 184.24.117.245/32 184.24.231.245/32 184.26.192.44/32 184.27.16.5/32 184.28.9.100/32 184.30.131.245/32 184.31.68.248/32 184.31.176.162/32 184.50.179.49/32 184.86.11.11/32
CertCentral Global CRLs	crl3.digicert.com crl4.digicert.com cdp.thawte.com cdp.geotrust.com cdp.rapidssl.com cdp1.digicert.com cdp1.public-trust.com cdp2.digicert.com cdph.digitalcertvalidation.com crl.digicert-cn.com crl.edge.digicert.com crl.pki.abb.com www.public-trust.com	See CertCentral Global OCSPs
CertCentral Europe OCSPs	ocsp.digicert.eu	162.159.142.7* 162.159.142.8* 162.159.142.9* 162.159.142.10* 172.66.2.3* 172.66.2.4* 172.66.2.5* 172.66.2.6* 2.16.38.7/32 2.16.70.7/32 2.17.70.158/32 2.18.150.166/32 2.19.66.9/32 2.21.193.10/32 2.21.208.234/32 23.0.20.23/32 23.1.28.179/32 23.2.89.202/32 23.2.176.169/32 23.4.65.93/32 23.5.108.225/32 23.6.4.162/32 23.6.242.12/32 23.7.1.103/32 23.10.230.8/32 23.11.88.161/32 23.11.113.3/32 23.13.150.247/32 23.14.65.8/32 23.15.158.153/32 23.34.97.102/32 23.35.49.15/32 23.35.90.48/32 23.35.114.102/32 23.35.129.54/32 23.36.235.132/32 23.37.49.55/32 23.37.143.11/32 23.37.245.128/32 23.38.133.196/32 23.39.86.183/32 23.41.197.198/32 23.42.103.206/32 23.42.225.4/32 23.46.122.4/32 23.47.23.54/32 23.47.103.216/32 23.47.226.5/32 23.48.65.10/32 23.49.88.3/32 23.49.147.11/32 23.49.164.42/32 23.50.24.20/32 23.51.32.85/32 23.51.102.235/32 23.53.99.41/32 23.53.133.198/32 23.53.198.166/32 23.57.203.181/32 23.58.32.29/32 23.59.118.103/32 23.63.122.205/32 23.74.16.3/32 23.195.149.98/32 23.196.101.120/32 23.196.150.195/32 23.196.200.216/32 23.197.53.135/32 23.198.54.161/32 23.198.79.210/32 23.202.8.218/32 23.202.212.119/32 23.203.84.121/32 23.203.181.191/32 23.204.164.250/32 23.205.193.20/32 23.207.4.189/32 23.207.22.235/32 23.210.101.126/32 23.212.40.219/32 23.213.144.230/32 23.218.4.218/32 23.218.51.104/32 23.218.180.218/32 23.221.108.189/32 23.221.145.19/32 23.221.200.188/32 23.222.213.127/32 23.223.65.24/32 88.221.240.29/32 92.122.99.16/32 95.100.224.47/32 96.16.242.161/32 96.17.16.33/32 104.68.232.99/32 104.75.224.13/32 104.78.166.137/32 104.81.104.188/32 104.83.150.229/32 104.110.75.145/32 104.111.207.39/32 118.215.73.2/32 184.24.5.196/32 184.24.173.205/32 184.30.194.197/32 184.31.37.229/32 184.31.74.218/32 184.31.181.127/32 184.86.224.40/32
CertCentral Europe CRLs	crl.digicert.eu	See CertCentral Europe OCSPs
CertCentral Europe CA certificates	cacert.digicert.eu	See CertCentral Europe OCSPs
PKI Platform 8 OCSP	See attached csv file - pki-platform-8-ocsp.csv below.	162.159.142.7* 162.159.142.8* 162.159.142.9* 162.159.142.10* 172.66.2.3* 172.66.2.4* 172.66.2.5* 172.66.2.6* 2.16.38.6/32 2.16.70.6/32 2.17.51.68/32 2.17.65.87/32 2.17.189.192/32 2.18.143.11/32 2.18.145.90/32 2.19.77.136/32 2.21.207.4/32 2.22.142.222/32 2.23.79.3/32 2.23.115.54/32 23.1.63.7/32 23.4.191.137/32 23.9.199.134/32 23.9.217.92/32 23.10.239.131/32 23.13.144.239/32 23.15.22.145/32 23.15.111.5/32 23.35.47.109/32 23.35.54.216/32 23.36.55.51/32 23.37.240.38/32 23.38.59.130/32 23.38.128.111/32 23.39.27.167/32 23.39.81.96/32 23.40.158.98/32 23.41.71.26/32 23.42.76.126/32 23.42.98.116/32 23.42.195.162/32 23.42.241.135/32 23.46.246.229/32 23.47.103.239/32 23.49.95.178/32 23.49.131.209/32 23.50.19.15/32 23.52.56.90/32 23.52.159.98/32 23.53.77.91/32 23.53.128.110/32 23.53.192.230/32 23.54.12.97/32 23.54.251.67/32 23.55.119.160/32 23.55.219.46/32 23.58.46.114/32 23.60.127.21/32 23.61.175.4/32 23.63.113.242/32 23.63.150.120/32 23.64.7.47/32 23.64.255.4/32 23.65.143.35/32 23.65.200.106/32 23.66.32.218/32 23.67.160.127/32 23.196.96.36/32 23.196.145.101/32 23.198.49.90/32 23.198.106.123/32 23.201.3.76/32 23.203.176.101/32 23.204.100.149/32 23.208.235.165/32 23.210.96.39/32 23.217.147.68/32 23.219.19.133/32 23.221.103.101/32 23.222.208.39/32 69.192.127.4/32 72.247.234.134/32 92.123.159.110/32 92.123.167.14/32 92.123.207.5/32 92.123.255.3/32 95.100.31.4/32 96.7.5.110/32 96.16.18.184/32 96.16.240.128/32 96.17.31.4/32 96.17.47.5/32 104.78.173.45/32 104.81.99.98/32 104.83.76.107/32 104.83.138.135/32 104.120.228.205/32 118.214.79.6/32 118.214.111.5/32 118.215.127.4/32 184.24.0.110/32 184.24.168.116/32 184.24.231.128/32 184.30.131.114/32 184.31.32.154/32 184.31.68.129/32 184.31.176.39/32 184.50.191.4/32 184.84.47.6/32
PKI Platform 8 CRL/CA certificates	See the attached csv file – pki-platform-8-crl-ca-cert-urls.csv below.	See CertCentral Global OCSPs
PKI client downloads	pkiclient-updater.digicert.com pki-downloads.digicert.com	See CertCentral Global OCSPs
QuoVadis TrustLink OCSP	ocsp.quovadisglobal.com	162.159.142.7* 162.159.142.8* 162.159.142.9* 162.159.142.10* 172.66.2.3* 172.66.2.4* 172.66.2.5* 172.66.2.6* 2.16.38.5/32 2.16.70.5/32 2.17.59.128/32 2.17.184.20/32 2.18.221.8/32 2.23.109.198/32 2.23.124.127/32 23.0.20.6/32 23.4.34.231/32 23.6.243.4/32 23.9.16.5/32 23.9.202.9/32 23.10.227.6/32 23.32.210.62/32 23.33.38.46/32 23.35.180.55/32 23.36.124.133/32 23.37.132.12/32 23.39.100.133/32 23.39.105.134/32 23.40.163.133/32 23.41.174.56/32 23.42.24.7/32 23.43.145.5/32 23.45.157.124/32 23.47.10.6/32 23.48.81.207/32 23.49.109.6/32 23.49.144.4/32 23.50.24.8/32 23.52.7.55/32 23.52.196.134/32 23.53.67.130/32 23.53.72.130/32 23.53.254.55/32 23.54.2.7/32 23.54.36.135/32 23.54.110.212/32 23.55.197.196/32 23.56.217.201/32 23.58.203.6/32 23.59.99.55/32 23.59.108.31/32 23.60.147.178/32 23.61.125.6/32 23.62.232.5/32 23.63.182.8/32 23.64.254.6/32 23.65.192.9/32 23.66.32.10/32 23.194.27.55/32 23.196.140.130/32 23.196.252.135/32 23.197.119.140/32 23.198.44.128/32 23.198.167.10/32 23.201.12.135/32 23.201.207.137/32 23.203.68.52/32 23.203.76.63/32 23.206.26.31/32 23.206.75.137/32 23.208.124.6/32 23.209.228.58/32 23.209.252.135/32 23.217.44.135/32 23.218.67.52/32 23.220.228.6/32 23.220.236.135/32 23.221.98.140/32 23.222.140.135/32 23.222.173.8/32 23.223.65.6/32 59.151.131.238/32 88.221.241.4/32 92.122.9.217/32 95.100.16.7/32 95.101.177.251/32 104.68.245.5/32 104.77.20.5/32 104.78.167.71/32 104.81.11.98/32 104.81.129.134/32 104.83.69.8/32 104.83.132.145/32 104.86.83.102/32 104.98.201.209/32 104.103.145.110/32 104.119.243.123/32 118.214.138.6/32 173.223.29.194/32 173.223.145.217/32 184.25.64.7/32 184.28.133.145/32 184.29.123.156/32 184.30.4.6/32 184.30.139.133/32 184.51.37.103/32 184.84.189.206/32 184.86.169.117/32 184.87.198.12/32

DigiCert certificate status IPv6 addresses

On January 10, 2025, we are moving to a CDN (content delivery network). Unfortunately, we must remove support for IPv6 addresses.

pki-platform-8-crl-ca-cert-urls.csv

pki-platform-8-ocsp.csv

choose your language

Knowledge Base

DigiCert Certificate Status IP Addresses

How do these IP addresses affect my digital certificate environment?

DigiCert certificate status IPv4 addresses

*Note: On September 8, 2025, DigiCert will add these new dedicated IPv4 addresses.

DigiCert certificate status IPv6 addresses

Support

Products

Solutions