A small tool to view real-world ActivityPub objects as JSON! Enter a URL
or username from Mastodon or a similar service below, and we'll send a
request with
the right
Accept
header
to the server to view the underlying object.
{
"@context": [
"https://www.w3.org/ns/activitystreams",
{
"ostatus": "http://ostatus.org#",
"atomUri": "ostatus:atomUri",
"inReplyToAtomUri": "ostatus:inReplyToAtomUri",
"conversation": "ostatus:conversation",
"sensitive": "as:sensitive",
"toot": "http://joinmastodon.org/ns#",
"votersCount": "toot:votersCount",
"litepub": "http://litepub.social/ns#",
"directMessage": "litepub:directMessage",
"blurhash": "toot:blurhash",
"focalPoint": {
"@container": "@list",
"@id": "toot:focalPoint"
}
}
],
"id": "https://infosec.exchange/users/rmhrisk/statuses/109355200002313988",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2022-11-16T19:45:29Z",
"url": "https://infosec.exchange/@rmhrisk/109355200002313988",
"attributedTo": "https://infosec.exchange/users/rmhrisk",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/rmhrisk/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/rmhrisk/statuses/109355200002313988",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2022-11-16:objectId=21912058:objectType=Conversation",
"content": "<p>Playing around with ImportHTML() in Google Sheets to parse <a href=\"http://crt.sh/cert-populations\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">http://</span><span class=\"\">crt.sh/cert-populations</span><span class=\"invisible\"></span></a> to get a view of which WebPKI CAs are used for the majority of the sites on the web.</p><p>Have a few problems handling the fancy merged header in the source data elegantly but the data is still largely right. The methodology being used is described here <a href=\"https://unmitigatedrisk.com/?p=673\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"\">unmitigatedrisk.com/?p=673</span><span class=\"invisible\"></span></a></p><p>I say largely because there is some misattribution. The CA name is determined from <a href=\"https://ccadb.org\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"\">ccadb.org</span><span class=\"invisible\"></span></a>. In some cases, for example with Amazon Trust Services, the ownership of their root appears to be set to DigiCert their service provider.</p><p>With that caveat, the data currently suggests that 10 CAs are responsible for 99.57% of all unexpired pre-certificates in CT logs. Since certificates not included in CT logs will get a browser error like the one you see here: <a href=\"https://no-sct.badssl.com\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"\">no-sct.badssl.com</span><span class=\"invisible\"></span></a> this is a decent measurement.</p><p>Certificates that have been logged usually will have embedded SCTs in them. You can see what that looks like here: <a href=\"https://understandingwebpki.com/?cert=MIIHszCCBpugAwIBAgIQDxJYrlHOdQF19jT1kFF4ezANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIyMDQxODAwMDAwMFoXDTIzMDUwNDIzNTk1OVowgcExEzARBgsrBgEEAYI3PAIBAxMCVVMxFTATBgsrBgEEAYI3PAIBAhMEVXRhaDEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xFTATBgNVBAUTDDUyOTk1MzctMDE0MjELMAkGA1UEBhMCVVMxDTALBgNVBAgTBFV0YWgxDTALBgNVBAcTBExlaGkxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMRkwFwYDVQQDExB3d3cuZGlnaWNlcnQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C8b3NE7AbBVlNdawnOyl0f6dMr3F2Cr%2Fndp%2FoyYlimU5XKQbXh4IYE%2BZ%2FK4KDn3t7RiXg%2FLo3eyjAtOdqq80vWeTlT4zvq%2BEstyXiSA1I%2B%2FDLpX3FDZ12XGys6yMffNdJj2XgOI34Lar%2BscVblaJRBTwINtdkGCqhLi6Dt%2BHk0SttztqlDwRaHqOihGeJpX9OR%2FvINQMndxzV3%2FEnKXVgAzOZNI1MP4jmTyK5nbtEYBbmHMjK63e8f40bwkhPayFZtcD5x%2BMjzZQqgqFzdrNRtVqdGxMdRO1%2BTm8H8KNtTwdqv39gh5YTPQRG8yU0Zae1FpAyyzjSuj3itUWhxygwIDAQABo4ID8DCCA%2BwwHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFMPfu4B5jDTuw2VxBfXFzoKaYBSXMIGgBgNVHREEgZgwgZWCEHd3dy5kaWdpY2VydC5jb22CDGRpZ2ljZXJ0LmNvbYISYWRtaW4uZGlnaWNlcnQuY29tghBhcGkuZGlnaWNlcnQuY29tghRjb250ZW50LmRpZ2ljZXJ0LmNvbYISbG9naW4uZGlnaWNlcnQuY29tghJvcmRlci5kaWdpY2VydC5jb22CD3dzLmRpZ2ljZXJ0LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMy5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMy5jcmwwSgYDVR0gBEMwQTALBglghkgBhv1sAgEwMgYFZ4EMAQEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGIBggrBgEFBQcBAQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBSBggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdwCt9776fP8QyIudPZwePhhqtGcpXc%2BxDCTKhYY069yCigAAAYA%2BVzukAAAEAwBIMEYCIQCnz8rdpZWWhelt0l3mDq0fL7IuWWim1b7wNAwrVCp3pAIhAIoqUK4qeiXEyjRgif1hJ35wui014wV8kIOKL8V%2BE5yvAHUANc8ZG7%2BxbFe%2FD61MbULLu7YnICZR6j%2FhKu%2BoA8M71kwAAAGAPlc7ogAABAMARjBEAiBj9dhmnSuIS1WLnvucYzmztQfypzcvF4P3TQUbUdYOcwIgKB8ZTsuzGlHcRF%2B2TrEoN5d2MrNPSHR%2FBkpGUZtuWP4AdQCzc3cH4YRQ%2BGOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYA%2BVzvaAAAEAwBGMEQCIFNRBlJgG4lnsTZFwzcG7BPO7DLDbBbAdShIMY9P9R%2BFAiA%2BhD%2FuX1d%2FROwXT%2FBqiQ4vcUc8J0tUK8jhQtCn%2FBqI3zANBgkqhkiG9w0BAQsFAAOCAQEANXQDrcthqdzxyZJG2Jr2sTqmSIt9tZ11IbcYQnRjXG7VvLUpo90dJLn3wq%2FWrCLkToWsz52bblsXcPFrKWdakO4t%2BXL97lL8Vl3v4gaYMVh7shef1NR1WuXwvs948635N%2BZIF4G6HQc7u5KxBeR7KuvVPecW7k016ZnUY89VPxaqBpOTW6piDXQMElVgNIKgODV2e1QDafAkCRVI30jpb0g%2FuEoGiJd1OHZGiwWYOsPlG%2BjiUDET9NOzCVbabHk3PDiHPlBLp3LpHq0l9g8vXKHRdEo79HbvaP4oBm220OE3fdU%2Fv2y5AQlwQffVwgAOPQHUebNp5JYUJ36oetLA1g%3D%3D#:~:text=No-,Name%3A,Certificate%20Transparency%20(1.3.6.1.4.1.11129.2.4.2),-Critical%3A\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">understandingwebpki.com/?cert=</span><span class=\"invisible\">MIIHszCCBpugAwIBAgIQDxJYrlHOdQF19jT1kFF4ezANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIyMDQxODAwMDAwMFoXDTIzMDUwNDIzNTk1OVowgcExEzARBgsrBgEEAYI3PAIBAxMCVVMxFTATBgsrBgEEAYI3PAIBAhMEVXRhaDEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xFTATBgNVBAUTDDUyOTk1MzctMDE0MjELMAkGA1UEBhMCVVMxDTALBgNVBAgTBFV0YWgxDTALBgNVBAcTBExlaGkxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMRkwFwYDVQQDExB3d3cuZGlnaWNlcnQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C8b3NE7AbBVlNdawnOyl0f6dMr3F2Cr%2Fndp%2FoyYlimU5XKQbXh4IYE%2BZ%2FK4KDn3t7RiXg%2FLo3eyjAtOdqq80vWeTlT4zvq%2BEstyXiSA1I%2B%2FDLpX3FDZ12XGys6yMffNdJj2XgOI34Lar%2BscVblaJRBTwINtdkGCqhLi6Dt%2BHk0SttztqlDwRaHqOihGeJpX9OR%2FvINQMndxzV3%2FEnKXVgAzOZNI1MP4jmTyK5nbtEYBbmHMjK63e8f40bwkhPayFZtcD5x%2BMjzZQqgqFzdrNRtVqdGxMdRO1%2BTm8H8KNtTwdqv39gh5YTPQRG8yU0Zae1FpAyyzjSuj3itUWhxygwIDAQABo4ID8DCCA%2BwwHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFMPfu4B5jDTuw2VxBfXFzoKaYBSXMIGgBgNVHREEgZgwgZWCEHd3dy5kaWdpY2VydC5jb22CDGRpZ2ljZXJ0LmNvbYISYWRtaW4uZGlnaWNlcnQuY29tghBhcGkuZGlnaWNlcnQuY29tghRjb250ZW50LmRpZ2ljZXJ0LmNvbYISbG9naW4uZGlnaWNlcnQuY29tghJvcmRlci5kaWdpY2VydC5jb22CD3dzLmRpZ2ljZXJ0LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMy5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMy5jcmwwSgYDVR0gBEMwQTALBglghkgBhv1sAgEwMgYFZ4EMAQEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGIBggrBgEFBQcBAQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBSBggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdwCt9776fP8QyIudPZwePhhqtGcpXc%2BxDCTKhYY069yCigAAAYA%2BVzukAAAEAwBIMEYCIQCnz8rdpZWWhelt0l3mDq0fL7IuWWim1b7wNAwrVCp3pAIhAIoqUK4qeiXEyjRgif1hJ35wui014wV8kIOKL8V%2BE5yvAHUANc8ZG7%2BxbFe%2FD61MbULLu7YnICZR6j%2FhKu%2BoA8M71kwAAAGAPlc7ogAABAMARjBEAiBj9dhmnSuIS1WLnvucYzmztQfypzcvF4P3TQUbUdYOcwIgKB8ZTsuzGlHcRF%2B2TrEoN5d2MrNPSHR%2FBkpGUZtuWP4AdQCzc3cH4YRQ%2BGOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYA%2BVzvaAAAEAwBGMEQCIFNRBlJgG4lnsTZFwzcG7BPO7DLDbBbAdShIMY9P9R%2BFAiA%2BhD%2FuX1d%2FROwXT%2FBqiQ4vcUc8J0tUK8jhQtCn%2FBqI3zANBgkqhkiG9w0BAQsFAAOCAQEANXQDrcthqdzxyZJG2Jr2sTqmSIt9tZ11IbcYQnRjXG7VvLUpo90dJLn3wq%2FWrCLkToWsz52bblsXcPFrKWdakO4t%2BXL97lL8Vl3v4gaYMVh7shef1NR1WuXwvs948635N%2BZIF4G6HQc7u5KxBeR7KuvVPecW7k016ZnUY89VPxaqBpOTW6piDXQMElVgNIKgODV2e1QDafAkCRVI30jpb0g%2FuEoGiJd1OHZGiwWYOsPlG%2BjiUDET9NOzCVbabHk3PDiHPlBLp3LpHq0l9g8vXKHRdEo79HbvaP4oBm220OE3fdU%2Fv2y5AQlwQffVwgAOPQHUebNp5JYUJ36oetLA1g%3D%3D#:~:text=No-,Name%3A,Certificate%20Transparency%20(1.3.6.1.4.1.11129.2.4.2),-Critical%3A</span></a></p><p>In very rare cases they will be logged and they will be sent by the TLS server independently rather than in the certificate itself but that's poorly supported so it's not done often.</p><p>I love <a href=\"http://certificate.transparency.dev\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">http://</span><span class=\"\">certificate.transparency.dev</span><span class=\"invisible\"></span></a>. It is the belt and suspenders of the web.</p>",
"contentMap": {
"en": "<p>Playing around with ImportHTML() in Google Sheets to parse <a href=\"http://crt.sh/cert-populations\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">http://</span><span class=\"\">crt.sh/cert-populations</span><span class=\"invisible\"></span></a> to get a view of which WebPKI CAs are used for the majority of the sites on the web.</p><p>Have a few problems handling the fancy merged header in the source data elegantly but the data is still largely right. The methodology being used is described here <a href=\"https://unmitigatedrisk.com/?p=673\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"\">unmitigatedrisk.com/?p=673</span><span class=\"invisible\"></span></a></p><p>I say largely because there is some misattribution. The CA name is determined from <a href=\"https://ccadb.org\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"\">ccadb.org</span><span class=\"invisible\"></span></a>. In some cases, for example with Amazon Trust Services, the ownership of their root appears to be set to DigiCert their service provider.</p><p>With that caveat, the data currently suggests that 10 CAs are responsible for 99.57% of all unexpired pre-certificates in CT logs. Since certificates not included in CT logs will get a browser error like the one you see here: <a href=\"https://no-sct.badssl.com\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"\">no-sct.badssl.com</span><span class=\"invisible\"></span></a> this is a decent measurement.</p><p>Certificates that have been logged usually will have embedded SCTs in them. You can see what that looks like here: <a href=\"https://understandingwebpki.com/?cert=MIIHszCCBpugAwIBAgIQDxJYrlHOdQF19jT1kFF4ezANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIyMDQxODAwMDAwMFoXDTIzMDUwNDIzNTk1OVowgcExEzARBgsrBgEEAYI3PAIBAxMCVVMxFTATBgsrBgEEAYI3PAIBAhMEVXRhaDEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xFTATBgNVBAUTDDUyOTk1MzctMDE0MjELMAkGA1UEBhMCVVMxDTALBgNVBAgTBFV0YWgxDTALBgNVBAcTBExlaGkxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMRkwFwYDVQQDExB3d3cuZGlnaWNlcnQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C8b3NE7AbBVlNdawnOyl0f6dMr3F2Cr%2Fndp%2FoyYlimU5XKQbXh4IYE%2BZ%2FK4KDn3t7RiXg%2FLo3eyjAtOdqq80vWeTlT4zvq%2BEstyXiSA1I%2B%2FDLpX3FDZ12XGys6yMffNdJj2XgOI34Lar%2BscVblaJRBTwINtdkGCqhLi6Dt%2BHk0SttztqlDwRaHqOihGeJpX9OR%2FvINQMndxzV3%2FEnKXVgAzOZNI1MP4jmTyK5nbtEYBbmHMjK63e8f40bwkhPayFZtcD5x%2BMjzZQqgqFzdrNRtVqdGxMdRO1%2BTm8H8KNtTwdqv39gh5YTPQRG8yU0Zae1FpAyyzjSuj3itUWhxygwIDAQABo4ID8DCCA%2BwwHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFMPfu4B5jDTuw2VxBfXFzoKaYBSXMIGgBgNVHREEgZgwgZWCEHd3dy5kaWdpY2VydC5jb22CDGRpZ2ljZXJ0LmNvbYISYWRtaW4uZGlnaWNlcnQuY29tghBhcGkuZGlnaWNlcnQuY29tghRjb250ZW50LmRpZ2ljZXJ0LmNvbYISbG9naW4uZGlnaWNlcnQuY29tghJvcmRlci5kaWdpY2VydC5jb22CD3dzLmRpZ2ljZXJ0LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMy5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMy5jcmwwSgYDVR0gBEMwQTALBglghkgBhv1sAgEwMgYFZ4EMAQEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGIBggrBgEFBQcBAQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBSBggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdwCt9776fP8QyIudPZwePhhqtGcpXc%2BxDCTKhYY069yCigAAAYA%2BVzukAAAEAwBIMEYCIQCnz8rdpZWWhelt0l3mDq0fL7IuWWim1b7wNAwrVCp3pAIhAIoqUK4qeiXEyjRgif1hJ35wui014wV8kIOKL8V%2BE5yvAHUANc8ZG7%2BxbFe%2FD61MbULLu7YnICZR6j%2FhKu%2BoA8M71kwAAAGAPlc7ogAABAMARjBEAiBj9dhmnSuIS1WLnvucYzmztQfypzcvF4P3TQUbUdYOcwIgKB8ZTsuzGlHcRF%2B2TrEoN5d2MrNPSHR%2FBkpGUZtuWP4AdQCzc3cH4YRQ%2BGOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYA%2BVzvaAAAEAwBGMEQCIFNRBlJgG4lnsTZFwzcG7BPO7DLDbBbAdShIMY9P9R%2BFAiA%2BhD%2FuX1d%2FROwXT%2FBqiQ4vcUc8J0tUK8jhQtCn%2FBqI3zANBgkqhkiG9w0BAQsFAAOCAQEANXQDrcthqdzxyZJG2Jr2sTqmSIt9tZ11IbcYQnRjXG7VvLUpo90dJLn3wq%2FWrCLkToWsz52bblsXcPFrKWdakO4t%2BXL97lL8Vl3v4gaYMVh7shef1NR1WuXwvs948635N%2BZIF4G6HQc7u5KxBeR7KuvVPecW7k016ZnUY89VPxaqBpOTW6piDXQMElVgNIKgODV2e1QDafAkCRVI30jpb0g%2FuEoGiJd1OHZGiwWYOsPlG%2BjiUDET9NOzCVbabHk3PDiHPlBLp3LpHq0l9g8vXKHRdEo79HbvaP4oBm220OE3fdU%2Fv2y5AQlwQffVwgAOPQHUebNp5JYUJ36oetLA1g%3D%3D#:~:text=No-,Name%3A,Certificate%20Transparency%20(1.3.6.1.4.1.11129.2.4.2),-Critical%3A\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">understandingwebpki.com/?cert=</span><span class=\"invisible\">MIIHszCCBpugAwIBAgIQDxJYrlHOdQF19jT1kFF4ezANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIyMDQxODAwMDAwMFoXDTIzMDUwNDIzNTk1OVowgcExEzARBgsrBgEEAYI3PAIBAxMCVVMxFTATBgsrBgEEAYI3PAIBAhMEVXRhaDEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xFTATBgNVBAUTDDUyOTk1MzctMDE0MjELMAkGA1UEBhMCVVMxDTALBgNVBAgTBFV0YWgxDTALBgNVBAcTBExlaGkxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMRkwFwYDVQQDExB3d3cuZGlnaWNlcnQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C8b3NE7AbBVlNdawnOyl0f6dMr3F2Cr%2Fndp%2FoyYlimU5XKQbXh4IYE%2BZ%2FK4KDn3t7RiXg%2FLo3eyjAtOdqq80vWeTlT4zvq%2BEstyXiSA1I%2B%2FDLpX3FDZ12XGys6yMffNdJj2XgOI34Lar%2BscVblaJRBTwINtdkGCqhLi6Dt%2BHk0SttztqlDwRaHqOihGeJpX9OR%2FvINQMndxzV3%2FEnKXVgAzOZNI1MP4jmTyK5nbtEYBbmHMjK63e8f40bwkhPayFZtcD5x%2BMjzZQqgqFzdrNRtVqdGxMdRO1%2BTm8H8KNtTwdqv39gh5YTPQRG8yU0Zae1FpAyyzjSuj3itUWhxygwIDAQABo4ID8DCCA%2BwwHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFMPfu4B5jDTuw2VxBfXFzoKaYBSXMIGgBgNVHREEgZgwgZWCEHd3dy5kaWdpY2VydC5jb22CDGRpZ2ljZXJ0LmNvbYISYWRtaW4uZGlnaWNlcnQuY29tghBhcGkuZGlnaWNlcnQuY29tghRjb250ZW50LmRpZ2ljZXJ0LmNvbYISbG9naW4uZGlnaWNlcnQuY29tghJvcmRlci5kaWdpY2VydC5jb22CD3dzLmRpZ2ljZXJ0LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMy5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMy5jcmwwSgYDVR0gBEMwQTALBglghkgBhv1sAgEwMgYFZ4EMAQEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGIBggrBgEFBQcBAQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBSBggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdwCt9776fP8QyIudPZwePhhqtGcpXc%2BxDCTKhYY069yCigAAAYA%2BVzukAAAEAwBIMEYCIQCnz8rdpZWWhelt0l3mDq0fL7IuWWim1b7wNAwrVCp3pAIhAIoqUK4qeiXEyjRgif1hJ35wui014wV8kIOKL8V%2BE5yvAHUANc8ZG7%2BxbFe%2FD61MbULLu7YnICZR6j%2FhKu%2BoA8M71kwAAAGAPlc7ogAABAMARjBEAiBj9dhmnSuIS1WLnvucYzmztQfypzcvF4P3TQUbUdYOcwIgKB8ZTsuzGlHcRF%2B2TrEoN5d2MrNPSHR%2FBkpGUZtuWP4AdQCzc3cH4YRQ%2BGOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYA%2BVzvaAAAEAwBGMEQCIFNRBlJgG4lnsTZFwzcG7BPO7DLDbBbAdShIMY9P9R%2BFAiA%2BhD%2FuX1d%2FROwXT%2FBqiQ4vcUc8J0tUK8jhQtCn%2FBqI3zANBgkqhkiG9w0BAQsFAAOCAQEANXQDrcthqdzxyZJG2Jr2sTqmSIt9tZ11IbcYQnRjXG7VvLUpo90dJLn3wq%2FWrCLkToWsz52bblsXcPFrKWdakO4t%2BXL97lL8Vl3v4gaYMVh7shef1NR1WuXwvs948635N%2BZIF4G6HQc7u5KxBeR7KuvVPecW7k016ZnUY89VPxaqBpOTW6piDXQMElVgNIKgODV2e1QDafAkCRVI30jpb0g%2FuEoGiJd1OHZGiwWYOsPlG%2BjiUDET9NOzCVbabHk3PDiHPlBLp3LpHq0l9g8vXKHRdEo79HbvaP4oBm220OE3fdU%2Fv2y5AQlwQffVwgAOPQHUebNp5JYUJ36oetLA1g%3D%3D#:~:text=No-,Name%3A,Certificate%20Transparency%20(1.3.6.1.4.1.11129.2.4.2),-Critical%3A</span></a></p><p>In very rare cases they will be logged and they will be sent by the TLS server independently rather than in the certificate itself but that's poorly supported so it's not done often.</p><p>I love <a href=\"http://certificate.transparency.dev\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">http://</span><span class=\"\">certificate.transparency.dev</span><span class=\"invisible\"></span></a>. It is the belt and suspenders of the web.</p>"
},
"attachment": [
{
"type": "Document",
"mediaType": "image/png",
"url": "https://media.infosec.exchange/infosec.exchange/media_attachments/files/109/355/193/745/780/209/original/d0266adf366bed33.png",
"name": null,
"blurhash": "UzQJK3wZ_LFigMW:aKni%fS6M{w@nljGW.X6",
"width": 680,
"height": 417
}
],
"tag": [],
"replies": {
"id": "https://infosec.exchange/users/rmhrisk/statuses/109355200002313988/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/rmhrisk/statuses/109355200002313988/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/rmhrisk/statuses/109355200002313988/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/rmhrisk/statuses/109355200002313988/likes",
"type": "Collection",
"totalItems": 2
},
"shares": {
"id": "https://infosec.exchange/users/rmhrisk/statuses/109355200002313988/shares",
"type": "Collection",
"totalItems": 1
}
}