Client : Secure Sockets Layer SSL Record Layer: Handshake Protocol: Client Hello Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 512 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) Length: 508 Version: TLS 1.2 (0x0303) Random GMT Unix Time: Oct 29, 2044 00:25:26.000000000 CEST Random Bytes: ade91bea3bb9b7e5e293fc78f83e4f02bd1a0e2ac22d1b87... Session ID Length: 0 Cipher Suites Length: 140 Cipher Suites (70 suites) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) Cipher Suite: TLS_DH_DSS_WITH_AES_256_GCM_SHA384 (0x00a5) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (0x00a3) Cipher Suite: TLS_DH_RSA_WITH_AES_256_GCM_SHA384 (0x00a1) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006b) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x006a) Cipher Suite: TLS_DH_RSA_WITH_AES_256_CBC_SHA256 (0x0069) Cipher Suite: TLS_DH_DSS_WITH_AES_256_CBC_SHA256 (0x0068) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DH_RSA_WITH_AES_256_CBC_SHA (0x0037) Cipher Suite: TLS_DH_DSS_WITH_AES_256_CBC_SHA (0x0036) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0086) Cipher Suite: TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0085) Cipher Suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 (0xc032) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02e) Cipher Suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 (0xc02a) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 (0xc026) Cipher Suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA (0xc00f) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA (0xc005) Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) Cipher Suite: TLS_DH_DSS_WITH_AES_128_GCM_SHA256 (0x00a4) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2) Cipher Suite: TLS_DH_RSA_WITH_AES_128_GCM_SHA256 (0x00a0) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040) Cipher Suite: TLS_DH_RSA_WITH_AES_128_CBC_SHA256 (0x003f) Cipher Suite: TLS_DH_DSS_WITH_AES_128_CBC_SHA256 (0x003e) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DH_RSA_WITH_AES_128_CBC_SHA (0x0031) Cipher Suite: TLS_DH_DSS_WITH_AES_128_CBC_SHA (0x0030) Cipher Suite: TLS_DHE_RSA_WITH_SEED_CBC_SHA (0x009a) Cipher Suite: TLS_DHE_DSS_WITH_SEED_CBC_SHA (0x0099) Cipher Suite: TLS_DH_RSA_WITH_SEED_CBC_SHA (0x0098) Cipher Suite: TLS_DH_DSS_WITH_SEED_CBC_SHA (0x0097) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0043) Cipher Suite: TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0042) Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 (0xc031) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02d) Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 (0xc029) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 (0xc025) Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (0xc004) Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_SEED_CBC_SHA (0x0096) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff) Compression Methods Length: 1 Compression Methods (1 method) Compression Method: null (0) Extensions Length: 327 Extension: server_name Type: server_name (0x0000) Length: 23 Server Name Indication extension Server Name list length: 21 Server Name Type: host_name (0) Server Name length: 18 Server Name: www.nextinpact.com Extension: ec_point_formats Type: ec_point_formats (0x000b) Length: 4 EC point formats Length: 3 Elliptic curves point formats (3) EC point format: uncompressed (0) EC point format: ansiX962_compressed_prime (1) EC point format: ansiX962_compressed_char2 (2) Extension: elliptic_curves Type: elliptic_curves (0x000a) Length: 28 Elliptic Curves Length: 26 Elliptic curves (13 curves) Elliptic curve: secp256r1 (0x0017) Elliptic curve: secp521r1 (0x0019) Elliptic curve: brainpoolP512r1 (0x001c) Elliptic curve: brainpoolP384r1 (0x001b) Elliptic curve: secp384r1 (0x0018) Elliptic curve: brainpoolP256r1 (0x001a) Elliptic curve: secp256k1 (0x0016) Elliptic curve: sect571r1 (0x000e) Elliptic curve: sect571k1 (0x000d) Elliptic curve: sect409k1 (0x000b) Elliptic curve: sect409r1 (0x000c) Elliptic curve: sect283k1 (0x0009) Elliptic curve: sect283r1 (0x000a) Extension: signature_algorithms Type: signature_algorithms (0x000d) Length: 32 Signature Hash Algorithms Length: 30 Signature Hash Algorithms (15 algorithms) Signature Hash Algorithm: 0x0601 Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0602 Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0603 Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0501 Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0502 Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0503 Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0401 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0402 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0403 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0301 Signature Hash Algorithm Hash: SHA224 (3) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0302 Signature Hash Algorithm Hash: SHA224 (3) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0303 Signature Hash Algorithm Hash: SHA224 (3) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0201 Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0202 Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0203 Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: ECDSA (3) Extension: Heartbeat Type: Heartbeat (0x000f) Length: 1 Mode: Peer allowed to send requests (1) Extension: next_protocol_negotiation Type: next_protocol_negotiation (0x3374) Length: 0 Extension: Application Layer Protocol Negotiation Type: Application Layer Protocol Negotiation (0x0010) Length: 14 ALPN Extension Length: 12 ALPN Protocol ALPN string length: 2 ALPN Next Protocol: h2 ALPN string length: 8 ALPN Next Protocol: http/1.1 Extension: Padding Type: Padding (0x0015) Length: 193 Padding Data: 000000000000000000000000000000000000000000000000... Server : Secure Sockets Layer TLSv1.2 Record Layer: Handshake Protocol: Server Hello Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 100 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 96 Version: TLS 1.2 (0x0303) Random GMT Unix Time: May 31, 2017 15:36:07.000000000 CEST Random Bytes: 0929c746b9727e77c8901e391beeccc626238d62416bdb67... Session ID Length: 32 Session ID: 298f414c39d899f12d93f352dc49933dc4e7311479a38f9d... Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) Compression Method: null (0) Extensions Length: 24 Extension: renegotiation_info Type: renegotiation_info (0xff01) Length: 1 Renegotiation Info extension Renegotiation info extension length: 0 Extension: server_name Type: server_name (0x0000) Length: 0 Extension: Application Layer Protocol Negotiation Type: Application Layer Protocol Negotiation (0x0010) Length: 5 ALPN Extension Length: 3 ALPN Protocol ALPN string length: 2 ALPN Next Protocol: h2 Extension: ec_point_formats Type: ec_point_formats (0x000b) Length: 2 EC point formats Length: 1 Elliptic curves point formats (1) EC point format: uncompressed (0) TLSv1.2 Record Layer: Handshake Protocol: Certificate Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 1916 Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 1912 Certificates Length: 1909 Certificates (1909 bytes) Certificate Length: 968 Certificate: 308203c43082036aa003020102021008e9b868edceb33d85... (id-at-commonName=nextinpact.com,id-at-organizationName=CloudFlare, Inc.,id-at-localityName=San Francisco,id-at-stateOrProvinceName=CA,id-at-countryName=US) signedCertificate version: v3 (2) serialNumber: 0x08e9b868edceb33d85ab659c651e63dc signature (iso.2.840.10045.4.3.2) Algorithm Id: 1.2.840.10045.4.3.2 (iso.2.840.10045.4.3.2) issuer: rdnSequence (0) rdnSequence: 5 items (id-at-commonName=CloudFlare Inc ECC CA-2,id-at-organizationName=CloudFlare, Inc.,id-at-localityName=San Francisco,id-at-stateOrProvinceName=CA,id-at-countryName=US) RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-stateOrProvinceName=CA) RelativeDistinguishedName item (id-at-stateOrProvinceName=CA) Id: 2.5.4.8 (id-at-stateOrProvinceName) DirectoryString: printableString (1) printableString: CA RDNSequence item: 1 item (id-at-localityName=San Francisco) RelativeDistinguishedName item (id-at-localityName=San Francisco) Id: 2.5.4.7 (id-at-localityName) DirectoryString: printableString (1) printableString: San Francisco RDNSequence item: 1 item (id-at-organizationName=CloudFlare, Inc.) RelativeDistinguishedName item (id-at-organizationName=CloudFlare, Inc.) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: CloudFlare, Inc. RDNSequence item: 1 item (id-at-commonName=CloudFlare Inc ECC CA-2) RelativeDistinguishedName item (id-at-commonName=CloudFlare Inc ECC CA-2) Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: CloudFlare Inc ECC CA-2 validity notBefore: utcTime (0) utcTime: 17-01-11 00:00:00 (UTC) notAfter: utcTime (0) utcTime: 18-01-11 12:00:00 (UTC) subject: rdnSequence (0) rdnSequence: 5 items (id-at-commonName=nextinpact.com,id-at-organizationName=CloudFlare, Inc.,id-at-localityName=San Francisco,id-at-stateOrProvinceName=CA,id-at-countryName=US) RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-stateOrProvinceName=CA) RelativeDistinguishedName item (id-at-stateOrProvinceName=CA) Id: 2.5.4.8 (id-at-stateOrProvinceName) DirectoryString: printableString (1) printableString: CA RDNSequence item: 1 item (id-at-localityName=San Francisco) RelativeDistinguishedName item (id-at-localityName=San Francisco) Id: 2.5.4.7 (id-at-localityName) DirectoryString: printableString (1) printableString: San Francisco RDNSequence item: 1 item (id-at-organizationName=CloudFlare, Inc.) RelativeDistinguishedName item (id-at-organizationName=CloudFlare, Inc.) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: CloudFlare, Inc. RDNSequence item: 1 item (id-at-commonName=nextinpact.com) RelativeDistinguishedName item (id-at-commonName=nextinpact.com) Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: nextinpact.com subjectPublicKeyInfo algorithm (id-ecPublicKey) Algorithm Id: 1.2.840.10045.2.1 (id-ecPublicKey) ECParameters: namedCurve (0) namedCurve: 1.2.840.10045.3.1.7 (secp256r1) Padding: 0 subjectPublicKey: 04b9a1e54fa46d56dc86cf34d440a7e0d847f2831d1d5742... extensions: 9 items Extension (id-ce-authorityKeyIdentifier) Extension Id: 2.5.29.35 (id-ce-authorityKeyIdentifier) AuthorityKeyIdentifier keyIdentifier: 3e742d1fcf4575047e3fc0a2873e4c43835113c6 Extension (id-ce-subjectKeyIdentifier) Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier) SubjectKeyIdentifier: add76a862e0f6388da548815810d1f127176936e Extension (id-ce-subjectAltName) Extension Id: 2.5.29.17 (id-ce-subjectAltName) GeneralNames: 2 items GeneralName: dNSName (2) dNSName: *.nextinpact.com GeneralName: dNSName (2) dNSName: nextinpact.com Extension (id-ce-keyUsage) Extension Id: 2.5.29.15 (id-ce-keyUsage) critical: True Padding: 7 KeyUsage: 80 (digitalSignature) 1... .... = digitalSignature: True .0.. .... = contentCommitment: False ..0. .... = keyEncipherment: False ...0 .... = dataEncipherment: False .... 0... = keyAgreement: False .... .0.. = keyCertSign: False .... ..0. = cRLSign: False .... ...0 = encipherOnly: False 0... .... = decipherOnly: False Extension (id-ce-extKeyUsage) Extension Id: 2.5.29.37 (id-ce-extKeyUsage) KeyPurposeIDs: 2 items KeyPurposeId: 1.3.6.1.5.5.7.3.1 (id-kp-serverAuth) KeyPurposeId: 1.3.6.1.5.5.7.3.2 (id-kp-clientAuth) Extension (id-ce-cRLDistributionPoints) Extension Id: 2.5.29.31 (id-ce-cRLDistributionPoints) CRLDistPointsSyntax: 2 items DistributionPoint distributionPoint: fullName (0) fullName: 1 item GeneralName: uniformResourceIdentifier (6) uniformResourceIdentifier: http://crl3.digicert.com/CloudFlareIncECCCA2.crl DistributionPoint distributionPoint: fullName (0) fullName: 1 item GeneralName: uniformResourceIdentifier (6) uniformResourceIdentifier: http://crl4.digicert.com/CloudFlareIncECCCA2.crl Extension (id-ce-certificatePolicies) Extension Id: 2.5.29.32 (id-ce-certificatePolicies) CertificatePoliciesSyntax: 2 items PolicyInformation policyIdentifier: 2.16.840.1.114412.1.1 (joint-iso-itu-t.16.840.1.114412.1.1) policyQualifiers: 1 item PolicyQualifierInfo Id: 1.3.6.1.5.5.7.2.1 (id-qt-cps) DirectoryString: https://www.digicert.com/CPS PolicyInformation policyIdentifier: 2.23.140.1.2.2 (joint-iso-itu-t.23.140.1.2.2) Extension (id-pe-authorityInfoAccessSyntax) Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccessSyntax) AuthorityInfoAccessSyntax: 2 items AccessDescription accessMethod: 1.3.6.1.5.5.7.48.1 (id-pkix.48.1) accessLocation: 6 uniformResourceIdentifier: http://ocsp.digicert.com AccessDescription accessMethod: 1.3.6.1.5.5.7.48.2 (id-pkix.48.2) accessLocation: 6 uniformResourceIdentifier: http://cacerts.digicert.com/CloudFlareIncECCCA-2.crt Extension (id-ce-basicConstraints) Extension Id: 2.5.29.19 (id-ce-basicConstraints) critical: True BasicConstraintsSyntax [0 length] algorithmIdentifier (iso.2.840.10045.4.3.2) Algorithm Id: 1.2.840.10045.4.3.2 (iso.2.840.10045.4.3.2) Padding: 0 encrypted: 3045022100ee0d5b617270cadf732f3c5b4408770ab43d73... Certificate Length: 935 Certificate: 308203a33082028ba00302010202100ff3e61639aa3d1a12... (id-at-commonName=CloudFlare Inc ECC CA-2,id-at-organizationName=CloudFlare, Inc.,id-at-localityName=San Francisco,id-at-stateOrProvinceName=CA,id-at-countryName=US) signedCertificate version: v3 (2) serialNumber: 0x0ff3e61639aa3d1a1265f41f8b34e5b6 signature (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) issuer: rdnSequence (0) rdnSequence: 4 items (id-at-commonName=Baltimore CyberTrust Root,id-at-organizationalUnitName=CyberTrust,id-at-organizationName=Baltimore,id-at-countryName=IE) RDNSequence item: 1 item (id-at-countryName=IE) RelativeDistinguishedName item (id-at-countryName=IE) Id: 2.5.4.6 (id-at-countryName) CountryName: IE RDNSequence item: 1 item (id-at-organizationName=Baltimore) RelativeDistinguishedName item (id-at-organizationName=Baltimore) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: Baltimore RDNSequence item: 1 item (id-at-organizationalUnitName=CyberTrust) RelativeDistinguishedName item (id-at-organizationalUnitName=CyberTrust) Id: 2.5.4.11 (id-at-organizationalUnitName) DirectoryString: printableString (1) printableString: CyberTrust RDNSequence item: 1 item (id-at-commonName=Baltimore CyberTrust Root) RelativeDistinguishedName item (id-at-commonName=Baltimore CyberTrust Root) Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: Baltimore CyberTrust Root validity notBefore: utcTime (0) utcTime: 15-10-14 12:00:00 (UTC) notAfter: utcTime (0) utcTime: 20-10-09 12:00:00 (UTC) subject: rdnSequence (0) rdnSequence: 5 items (id-at-commonName=CloudFlare Inc ECC CA-2,id-at-organizationName=CloudFlare, Inc.,id-at-localityName=San Francisco,id-at-stateOrProvinceName=CA,id-at-countryName=US) RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-stateOrProvinceName=CA) RelativeDistinguishedName item (id-at-stateOrProvinceName=CA) Id: 2.5.4.8 (id-at-stateOrProvinceName) DirectoryString: printableString (1) printableString: CA RDNSequence item: 1 item (id-at-localityName=San Francisco) RelativeDistinguishedName item (id-at-localityName=San Francisco) Id: 2.5.4.7 (id-at-localityName) DirectoryString: printableString (1) printableString: San Francisco RDNSequence item: 1 item (id-at-organizationName=CloudFlare, Inc.) RelativeDistinguishedName item (id-at-organizationName=CloudFlare, Inc.) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: CloudFlare, Inc. RDNSequence item: 1 item (id-at-commonName=CloudFlare Inc ECC CA-2) RelativeDistinguishedName item (id-at-commonName=CloudFlare Inc ECC CA-2) Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: CloudFlare Inc ECC CA-2 subjectPublicKeyInfo algorithm (id-ecPublicKey) Algorithm Id: 1.2.840.10045.2.1 (id-ecPublicKey) ECParameters: namedCurve (0) namedCurve: 1.2.840.10045.3.1.7 (secp256r1) Padding: 0 subjectPublicKey: 04d156f49cb6e431a0f5a452cfe39a7a86fff286b25eccb5... extensions: 7 items Extension (id-ce-basicConstraints) Extension Id: 2.5.29.19 (id-ce-basicConstraints) critical: True BasicConstraintsSyntax cA: True pathLenConstraint: 0 Extension (id-ce-keyUsage) Extension Id: 2.5.29.15 (id-ce-keyUsage) critical: True Padding: 1 KeyUsage: 86 (digitalSignature, keyCertSign, cRLSign) 1... .... = digitalSignature: True .0.. .... = contentCommitment: False ..0. .... = keyEncipherment: False ...0 .... = dataEncipherment: False .... 0... = keyAgreement: False .... .1.. = keyCertSign: True .... ..1. = cRLSign: True .... ...0 = encipherOnly: False 0... .... = decipherOnly: False Extension (id-pe-authorityInfoAccessSyntax) Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccessSyntax) AuthorityInfoAccessSyntax: 1 item AccessDescription accessMethod: 1.3.6.1.5.5.7.48.1 (id-pkix.48.1) accessLocation: 6 uniformResourceIdentifier: http://ocsp.digicert.com Extension (id-ce-cRLDistributionPoints) Extension Id: 2.5.29.31 (id-ce-cRLDistributionPoints) CRLDistPointsSyntax: 1 item DistributionPoint distributionPoint: fullName (0) fullName: 1 item GeneralName: uniformResourceIdentifier (6) uniformResourceIdentifier: http://crl3.digicert.com/Omniroot2025.crl Extension (id-ce-certificatePolicies) Extension Id: 2.5.29.32 (id-ce-certificatePolicies) CertificatePoliciesSyntax: 1 item PolicyInformation policyIdentifier: 2.5.29.32.0 (id-ce-certificatePolicies.0) policyQualifiers: 1 item PolicyQualifierInfo Id: 1.3.6.1.5.5.7.2.1 (id-qt-cps) DirectoryString: https://www.digicert.com/CPS Extension (id-ce-subjectKeyIdentifier) Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier) SubjectKeyIdentifier: 3e742d1fcf4575047e3fc0a2873e4c43835113c6 Extension (id-ce-authorityKeyIdentifier) Extension Id: 2.5.29.35 (id-ce-authorityKeyIdentifier) AuthorityKeyIdentifier keyIdentifier: e59d5930824758ccacfa085436867b3ab5044df0 algorithmIdentifier (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) Padding: 0 encrypted: 385fa7fffc85f27332e4d5a389999660af32c103b365dfbe... TLSv1.2 Record Layer: Handshake Protocol: Server Key Exchange Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 148 Handshake Protocol: Server Key Exchange Handshake Type: Server Key Exchange (12) Length: 144 EC Diffie-Hellman Server Params Curve Type: named_curve (0x03) Named Curve: secp256r1 (0x0017) Pubkey Length: 65 Pubkey: 04ad371904679d78855db02585a9f48e2e25598364ea5e1a... Signature Hash Algorithm: 0x0403 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Length: 71 Signature: 30450220763b8d7eb7909bc7224ec0f0a90218cbd7691833... TLSv1.2 Record Layer: Handshake Protocol: Server Hello Done Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 4 Handshake Protocol: Server Hello Done Handshake Type: Server Hello Done (14) Length: 0