gabrielpadilh4/ssl-handshake-client-example-output.log

## ssl-handshake-client-example-output.log
$ java -jar ssl-handshake-debugger-1.2-SNAPSHOT.jar -s gabrielpadilh4.github.io:443

javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.553 BRT|SSLCipher.java:464|jdk.tls.keyLimits:  entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.567 BRT|SSLCipher.java:464|jdk.tls.keyLimits:  entry =  ChaCha20-Poly1305 KeyUpdate 2^37. CHACHA20-POLY1305:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.664 BRT|HandshakeContext.java:296|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLSv1.2
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.665 BRT|HandshakeContext.java:296|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLSv1.2
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.665 BRT|HandshakeContext.java:296|Ignore unsupported cipher suite: TLS_CHACHA20_POLY1305_SHA256 for TLSv1.2
javax.net.ssl|WARNING|01|main|2023-09-26 23:12:42.676 BRT|SignatureScheme.java:295|Signature algorithm, ed25519, is not supported by the underlying providers
javax.net.ssl|WARNING|01|main|2023-09-26 23:12:42.676 BRT|SignatureScheme.java:295|Signature algorithm, ed448, is not supported by the underlying providers
javax.net.ssl|ALL|01|main|2023-09-26 23:12:42.678 BRT|SignatureScheme.java:383|Ignore unsupported signature scheme: ed25519
javax.net.ssl|ALL|01|main|2023-09-26 23:12:42.678 BRT|SignatureScheme.java:383|Ignore unsupported signature scheme: ed448
javax.net.ssl|ALL|01|main|2023-09-26 23:12:42.679 BRT|SignatureScheme.java:402|Ignore disabled signature scheme: dsa_sha256
javax.net.ssl|ALL|01|main|2023-09-26 23:12:42.679 BRT|SignatureScheme.java:402|Ignore disabled signature scheme: dsa_sha224
javax.net.ssl|ALL|01|main|2023-09-26 23:12:42.679 BRT|SignatureScheme.java:402|Ignore disabled signature scheme: ecdsa_sha1
javax.net.ssl|ALL|01|main|2023-09-26 23:12:42.679 BRT|SignatureScheme.java:402|Ignore disabled signature scheme: rsa_pkcs1_sha1
javax.net.ssl|ALL|01|main|2023-09-26 23:12:42.679 BRT|SignatureScheme.java:402|Ignore disabled signature scheme: dsa_sha1
javax.net.ssl|ALL|01|main|2023-09-26 23:12:42.680 BRT|SignatureScheme.java:402|Ignore disabled signature scheme: rsa_md5
javax.net.ssl|INFO|01|main|2023-09-26 23:12:42.680 BRT|AlpnExtension.java:178|No available application protocols
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.680 BRT|SSLExtensions.java:260|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.680 BRT|SSLExtensions.java:260|Ignore, context unavailable extension: cookie
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.689 BRT|SSLExtensions.java:260|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.689 BRT|PreSharedKeyExtension.java:633|No session to resume.
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.689 BRT|SSLExtensions.java:260|Ignore, context unavailable extension: pre_shared_key
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.692 BRT|ClientHello.java:642|Produced ClientHello handshake message (
"ClientHello": {
  "client version"      : "TLSv1.2",
  "random"              : "2C 44 AC 74 EE 47 1C 50 1F DB 6B B4 62 94 6B 90 EB 8A 43 B8 50 45 17 64 EF 08 D8 46 88 4E 64 F3",
  "session id"          : "ED 8C BC FF 18 76 F9 22 4F 32 EA 1D 0B E2 0C EB 48 47 CE 07 29 1D D6 46 0F 42 BA 0C CA E0 9B 21",
  "cipher suites"       : "[TLS_AES_256_GCM_SHA384(0x1302), TLS_AES_128_GCM_SHA256(0x1301), TLS_CHACHA20_POLY1305_SHA256(0x1303), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA9), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA8), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCAA), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
  "compression methods" : "00",
  "extensions"          : [
    "server_name (0)": {
      type=host_name (0), value=gabrielpadilh4.github.io
    },
    "status_request (5)": {
      "certificate status type": ocsp
      "OCSP status request": {
        "responder_id": <empty>
        "request extensions": {
          <empty>
        }
      }
    },
    "supported_groups (10)": {
      "versions": [x25519, secp256r1, secp384r1, secp521r1, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
    },
    "ec_point_formats (11)": {
      "formats": [uncompressed]
    },
    "signature_algorithms (13)": {
      "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha224, rsa_sha224]
    },
    "signature_algorithms_cert (50)": {
      "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha224, rsa_sha224]
    },
    "status_request_v2 (17)": {
      "cert status request": {
        "certificate status type": ocsp_multi
        "OCSP status request": {
          "responder_id": <empty>
          "request extensions": {
            <empty>
          }
        }
      }
    },
    "extended_master_secret (23)": {
      <empty>
    },
    "supported_versions (43)": {
      "versions": [TLSv1.3, TLSv1.2]
    },
    "psk_key_exchange_modes (45)": {
      "ke_modes": [psk_dhe_ke]
    },
    "key_share (51)": {
      "client_shares": [
        {
          "named group": x25519
          "key_exchange": {
            0000: B7 F2 60 69 23 2F BC 1F   88 27 6C C0 61 C0 FD A0  ..`i#/...'l.a...
            0010: 1C AF BF 5A A2 D6 EA 18   E8 14 36 D2 6A EF A9 62  ...Z......6.j..b
          }
        },
      ]
    }
  ]
}
)
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.707 BRT|ServerHello.java:867|Consuming ServerHello handshake message (
"ServerHello": {
  "server version"      : "TLSv1.2",
  "random"              : "FE F5 94 68 D7 13 42 75 94 A6 04 47 3D 43 63 75 D9 5A 41 B1 62 D9 FB C1 E3 42 66 29 88 73 F4 CF",
  "session id"          : "ED 8C BC FF 18 76 F9 22 4F 32 EA 1D 0B E2 0C EB 48 47 CE 07 29 1D D6 46 0F 42 BA 0C CA E0 9B 21",
  "cipher suite"        : "TLS_AES_256_GCM_SHA384(0x1302)",
  "compression methods" : "00",
  "extensions"          : [
    "supported_versions (43)": {
      "selected version": [TLSv1.3]
    },
    "key_share (51)": {
      "server_share": {
        "named group": x25519
        "key_exchange": {
          0000: 4A 23 FB DE 15 D8 F6 D0   3F D9 E4 BA 36 CF D8 EF  J#......?...6...
          0010: E6 33 0F F1 F2 38 25 21   CA 5E C8 F4 C9 75 F6 0B  .3...8%!.^...u..
        }
      },
    }
  ]
}
)
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.707 BRT|SSLExtensions.java:192|Consumed extension: supported_versions
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.707 BRT|ServerHello.java:963|Negotiated protocol version: TLSv1.3
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.707 BRT|SSLExtensions.java:163|Ignore unsupported extension: server_name
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.708 BRT|SSLExtensions.java:163|Ignore unsupported extension: max_fragment_length
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.708 BRT|SSLExtensions.java:163|Ignore unsupported extension: status_request
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.708 BRT|SSLExtensions.java:163|Ignore unsupported extension: ec_point_formats
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.708 BRT|SSLExtensions.java:163|Ignore unsupported extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.708 BRT|SSLExtensions.java:163|Ignore unsupported extension: status_request_v2
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.708 BRT|SSLExtensions.java:163|Ignore unsupported extension: extended_master_secret
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.709 BRT|SSLExtensions.java:192|Consumed extension: supported_versions
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.710 BRT|SSLExtensions.java:192|Consumed extension: key_share
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.710 BRT|SSLExtensions.java:163|Ignore unsupported extension: renegotiation_info
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.711 BRT|PreSharedKeyExtension.java:895|Handling pre_shared_key absence.
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.711 BRT|SSLExtensions.java:207|Ignore unavailable extension: server_name
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.711 BRT|SSLExtensions.java:207|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.711 BRT|SSLExtensions.java:207|Ignore unavailable extension: status_request
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.711 BRT|SSLExtensions.java:207|Ignore unavailable extension: ec_point_formats
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.711 BRT|SSLExtensions.java:207|Ignore unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.712 BRT|SSLExtensions.java:207|Ignore unavailable extension: status_request_v2
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.712 BRT|SSLExtensions.java:207|Ignore unavailable extension: extended_master_secret
javax.net.ssl|WARNING|01|main|2023-09-26 23:12:42.712 BRT|SSLExtensions.java:215|Ignore impact of unsupported extension: supported_versions
javax.net.ssl|WARNING|01|main|2023-09-26 23:12:42.712 BRT|SSLExtensions.java:215|Ignore impact of unsupported extension: key_share
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.712 BRT|SSLExtensions.java:207|Ignore unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.712 BRT|SSLExtensions.java:207|Ignore unavailable extension: pre_shared_key
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.718 BRT|SSLCipher.java:1866|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.720 BRT|SSLCipher.java:2020|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.720 BRT|ChangeCipherSpec.java:246|Consuming ChangeCipherSpec message
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.728 BRT|EncryptedExtensions.java:171|Consuming EncryptedExtensions handshake message (
"EncryptedExtensions": [
  "server_name (0)": {
    <empty extension_data field>
  }
]
)
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.728 BRT|SSLExtensions.java:192|Consumed extension: server_name
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.729 BRT|SSLExtensions.java:173|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.729 BRT|SSLExtensions.java:173|Ignore unavailable extension: supported_groups
javax.net.ssl|WARNING|01|main|2023-09-26 23:12:42.729 BRT|SSLExtensions.java:215|Ignore impact of unsupported extension: server_name
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.729 BRT|SSLExtensions.java:207|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.729 BRT|SSLExtensions.java:207|Ignore unavailable extension: supported_groups
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.729 BRT|SSLExtensions.java:207|Ignore unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.746 BRT|CertificateMessage.java:1172|Consuming server Certificate handshake message (
"Certificate": {
  "certificate_request_context": "",
  "certificate_list": [
  {
    "certificate" : {
      "version"            : "v3",
      "serial number"      : "04 4D 72 D7 7C DD A7 02 DD 5A 67 F2 A2 3B BD D9",
      "signature algorithm": "SHA256withRSA",
      "issuer"             : "CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US",
      "not before"         : "2023-02-20 21:00:00.000 BRT",
      "not  after"         : "2024-03-20 20:59:59.000 BRT",
      "subject"            : "CN=*.github.io, O="GitHub, Inc.", L=San Francisco, ST=California, C=US",
      "subject public key" : "RSA",
      "extensions"         : [
        {
          ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
        },
        {
          ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
          AuthorityInfoAccess [
            [
             accessMethod: ocsp
             accessLocation: URIName: http://ocsp.digicert.com
          ,
             accessMethod: caIssuers
             accessLocation: URIName: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt
          ]
          ]
        },
        {
          ObjectId: 2.5.29.35 Criticality=false
          AuthorityKeyIdentifier [
          KeyIdentifier [
          0000: B7 6B A2 EA A8 AA 84 8C   79 EA B4 DA 0F 98 B2 C5  .k......y.......
          0010: 95 76 B9 F4                                        .v..
          ]
          ]
        },
        {
          ObjectId: 2.5.29.19 Criticality=false
          BasicConstraints:[
            CA:false
            PathLen: undefined
          ]
        },
        {
          ObjectId: 2.5.29.31 Criticality=false
          CRLDistributionPoints [
            [DistributionPoint:
               [URIName: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl]
          , DistributionPoint:
               [URIName: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl]
          ]]
        },
        {
          ObjectId: 2.5.29.32 Criticality=false
          CertificatePolicies [
            [CertificatePolicyId: [2.23.140.1.2.2]
          [PolicyQualifierInfo: [
            qualifierID: 1.3.6.1.5.5.7.2.1
            qualifier: 0000: 16 1B 68 74 74 70 3A 2F   2F 77 77 77 2E 64 69 67  ..http://www.dig
          0010: 69 63 65 72 74 2E 63 6F   6D 2F 43 50 53           icert.com/CPS

          ]]  ]
          ]
        },
        {
          ObjectId: 2.5.29.37 Criticality=false
          ExtendedKeyUsages [
            serverAuth
            clientAuth
          ]
        },
        {
          ObjectId: 2.5.29.15 Criticality=true
          KeyUsage [
            DigitalSignature
            Key_Encipherment
          ]
        },
        {
          ObjectId: 2.5.29.17 Criticality=false
          SubjectAlternativeName [
            DNSName: *.github.io
            DNSName: github.io
            DNSName: *.github.com
            DNSName: github.com
            DNSName: www.github.com
            DNSName: *.githubusercontent.com
            DNSName: githubusercontent.com
          ]
        },
        {
          ObjectId: 2.5.29.14 Criticality=false
          SubjectKeyIdentifier [
          KeyIdentifier [
          0000: 8D 02 1C 75 5A CD C6 A6   41 78 69 28 C3 F7 AA A7  ...uZ...Axi(....
          0010: 98 3B D5 BB                                        .;..
          ]
          ]
        }
      ]}
    "extensions": {
      "status_request (5)": {
        "certificate status response type": ocsp
        "OCSP status response": {
          OCSP Response:
          Response Status: SUCCESSFUL
          Responder ID: byKey: B76BA2EAA8AA848C79EAB4DA0F98B2C59576B9F4
          Produced at: Mon Sep 25 08:13:15 BRT 2023
          1 response:
          SingleResponse:
          CertId
          Algorithm: SHA-1
          issuerNameHash
          0000: E4 E3 95 A2 29 D3 D4 C1   C3 1F F0 98 0C 0B 4E C0  ....).........N.
          0010: 09 8A AB D8
          issuerKeyHash:
          0000: B7 6B A2 EA A8 AA 84 8C   79 EA B4 DA 0F 98 B2 C5  .k......y.......
          0010: 95 76 B9 F4
          SerialNumber: [    044d72d7 7cdda702 dd5a67f2 a23bbdd9]
          CertStatus: GOOD
          thisUpdate is Mon Sep 25 07:57:01 BRT 2023
          nextUpdate is Mon Oct 02 06:57:01 BRT 2023
        }
      }
    }
  },
  {
    "certificate" : {
      "version"            : "v3",
      "serial number"      : "06 D8 D9 04 D5 58 43 46 F6 8A 2F A7 54 22 7E C4",
      "signature algorithm": "SHA256withRSA",
      "issuer"             : "CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
      "not before"         : "2021-04-13 21:00:00.000 BRT",
      "not  after"         : "2031-04-13 20:59:59.000 BRT",
      "subject"            : "CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US",
      "subject public key" : "RSA",
      "extensions"         : [
        {
          ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
          AuthorityInfoAccess [
            [
             accessMethod: ocsp
             accessLocation: URIName: http://ocsp.digicert.com
          ,
             accessMethod: caIssuers
             accessLocation: URIName: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt
          ]
          ]
        },
        {
          ObjectId: 2.5.29.35 Criticality=false
          AuthorityKeyIdentifier [
          KeyIdentifier [
          0000: 03 DE 50 35 56 D1 4C BB   66 F0 A3 E2 1B 1B C3 97  ..P5V.L.f.......
          0010: B2 3D D1 55                                        .=.U
          ]
          ]
        },
        {
          ObjectId: 2.5.29.19 Criticality=true
          BasicConstraints:[
            CA:true
            PathLen:0
          ]
        },
        {
          ObjectId: 2.5.29.31 Criticality=false
          CRLDistributionPoints [
            [DistributionPoint:
               [URIName: http://crl3.digicert.com/DigiCertGlobalRootCA.crl]
          ]]
        },
        {
          ObjectId: 2.5.29.32 Criticality=false
          CertificatePolicies [
            [CertificatePolicyId: [2.16.840.1.114412.2.1]
          []  ]
            [CertificatePolicyId: [2.23.140.1.1]
          []  ]
            [CertificatePolicyId: [2.23.140.1.2.1]
          []  ]
            [CertificatePolicyId: [2.23.140.1.2.2]
          []  ]
            [CertificatePolicyId: [2.23.140.1.2.3]
          []  ]
          ]
        },
        {
          ObjectId: 2.5.29.37 Criticality=false
          ExtendedKeyUsages [
            serverAuth
            clientAuth
          ]
        },
        {
          ObjectId: 2.5.29.15 Criticality=true
          KeyUsage [
            DigitalSignature
            Key_CertSign
            Crl_Sign
          ]
        },
        {
          ObjectId: 2.5.29.14 Criticality=false
          SubjectKeyIdentifier [
          KeyIdentifier [
          0000: B7 6B A2 EA A8 AA 84 8C   79 EA B4 DA 0F 98 B2 C5  .k......y.......
          0010: 95 76 B9 F4                                        .v..
          ]
          ]
        }
      ]}
    "extensions": {
      <no extension>
    }
  },
]
}
)
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.747 BRT|SSLExtensions.java:192|Consumed extension: status_request
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.747 BRT|SSLExtensions.java:173|Ignore unavailable extension: status_request
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.780 BRT|CertificateVerify.java:1163|Consuming CertificateVerify handshake message (
"CertificateVerify": {
  "signature algorithm": rsa_pss_rsae_sha256
  "signature": {
    0000: 75 E8 3E 8A 69 92 E1 74   DD 5E 69 A4 B2 2E EB F5  u.>.i..t.^i.....
    0010: 11 C9 83 B3 94 C9 C4 0A   58 A5 C7 79 C0 F7 9A 65  ........X..y...e
    0020: 8E D8 A6 00 00 04 83 A3   12 A6 21 C9 D0 88 03 E2  ..........!.....
    0030: 3C 5C 19 2C C8 2B 99 DE   7E 0C 84 AC 2D 2C 8D 53  <\.,.+......-,.S
    0040: F5 01 5D 5A 45 A0 1B B8   C3 13 AB 94 C5 EB 94 86  ..]ZE...........
    0050: C4 50 C7 3F 43 C4 09 4D   83 C2 0A 4E 73 32 63 CE  .P.?C..M...Ns2c.
    0060: 11 42 7C 49 CA B1 A5 2E   0B E4 28 6F BA 9F 7E F9  .B.I......(o....
    0070: AF 0E 76 47 07 CA C8 EE   1F 2D D9 A8 49 C0 27 9F  ..vG.....-..I.'.
    0080: 6B 51 53 BB 5F B4 53 BF   E1 A4 E7 30 48 E8 72 C4  kQS._.S....0H.r.
    0090: 6A 27 D1 FA 65 37 D3 B0   B9 74 E3 34 7B 28 F0 00  j'..e7...t.4.(..
    00A0: EF 01 0F 13 41 B5 5E 7C   3A F0 FB 76 94 22 D6 30  ....A.^.:..v.".0
    00B0: 09 C2 29 71 1D C0 B6 73   FA 58 1B 27 CF 64 4A 18  ..)q...s.X.'.dJ.
    00C0: F8 F6 E9 A0 CF B8 8B 55   34 0E FB 1E 18 78 88 91  .......U4....x..
    00D0: 9B 7E AD 19 0C 15 45 A2   19 B1 BC 1C 03 2F 47 73  ......E....../Gs
    00E0: 06 3C 4E DC 89 FE A2 2D   0F A8 75 B0 DD 30 C6 BC  .<N....-..u..0..
    00F0: C8 E7 BE 2C E1 7B A2 52   BF B7 3E 69 C9 94 E8 8A  ...,...R..>i....
  }
}
)
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.782 BRT|Finished.java:898|Consuming server Finished handshake message (
"Finished": {
  "verify data": {
    0000: 17 5E BB D3 90 00 11 4C   C6 BE 34 27 CC 6D 13 80  .^.....L..4'.m..
    0010: 67 DA A0 CA C1 95 D0 B9   81 77 C0 55 83 14 2F BF  g........w.U../.
    0020: D1 8D 76 31 61 EA 77 C2   56 74 7C 54 E7 28 71 F0  ..v1a.w.Vt.T.(q.
  }'}
)
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.783 BRT|SSLCipher.java:1866|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.784 BRT|Finished.java:673|Produced client Finished handshake message (
"Finished": {
  "verify data": {
    0000: 41 D3 66 DF A5 2F 8B 76   41 D2 4F DE 60 E7 83 C8  A.f../.vA.O.`...
    0010: FB 09 CB 8F A0 E2 10 EA   C8 77 0B 75 E6 49 64 B9  .........w.u.Id.
    0020: 89 A7 FD 60 04 4F D4 66   14 A9 30 4D C3 6E 2C 4A  ...`.O.f..0M.n,J
  }'}
)
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.784 BRT|SSLCipher.java:2020|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.785 BRT|SSLSocketImpl.java:578|duplex close of SSLSocket
javax.net.ssl|DEBUG|01|main|2023-09-26 23:12:42.785 BRT|SSLSocketImpl.java:1760|close the SSL connection (passive)
	$ java -jar ssl-handshake-debugger-1.2-SNAPSHOT.jar -s gabrielpadilh4.github.io:443

	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.553 BRT\|SSLCipher.java:464\|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.567 BRT\|SSLCipher.java:464\|jdk.tls.keyLimits: entry = ChaCha20-Poly1305 KeyUpdate 2^37. CHACHA20-POLY1305:KEYUPDATE = 137438953472
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.664 BRT\|HandshakeContext.java:296\|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLSv1.2
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.665 BRT\|HandshakeContext.java:296\|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLSv1.2
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.665 BRT\|HandshakeContext.java:296\|Ignore unsupported cipher suite: TLS_CHACHA20_POLY1305_SHA256 for TLSv1.2
	javax.net.ssl\|WARNING\|01\|main\|2023-09-26 23:12:42.676 BRT\|SignatureScheme.java:295\|Signature algorithm, ed25519, is not supported by the underlying providers
	javax.net.ssl\|WARNING\|01\|main\|2023-09-26 23:12:42.676 BRT\|SignatureScheme.java:295\|Signature algorithm, ed448, is not supported by the underlying providers
	javax.net.ssl\|ALL\|01\|main\|2023-09-26 23:12:42.678 BRT\|SignatureScheme.java:383\|Ignore unsupported signature scheme: ed25519
	javax.net.ssl\|ALL\|01\|main\|2023-09-26 23:12:42.678 BRT\|SignatureScheme.java:383\|Ignore unsupported signature scheme: ed448
	javax.net.ssl\|ALL\|01\|main\|2023-09-26 23:12:42.679 BRT\|SignatureScheme.java:402\|Ignore disabled signature scheme: dsa_sha256
	javax.net.ssl\|ALL\|01\|main\|2023-09-26 23:12:42.679 BRT\|SignatureScheme.java:402\|Ignore disabled signature scheme: dsa_sha224
	javax.net.ssl\|ALL\|01\|main\|2023-09-26 23:12:42.679 BRT\|SignatureScheme.java:402\|Ignore disabled signature scheme: ecdsa_sha1
	javax.net.ssl\|ALL\|01\|main\|2023-09-26 23:12:42.679 BRT\|SignatureScheme.java:402\|Ignore disabled signature scheme: rsa_pkcs1_sha1
	javax.net.ssl\|ALL\|01\|main\|2023-09-26 23:12:42.679 BRT\|SignatureScheme.java:402\|Ignore disabled signature scheme: dsa_sha1
	javax.net.ssl\|ALL\|01\|main\|2023-09-26 23:12:42.680 BRT\|SignatureScheme.java:402\|Ignore disabled signature scheme: rsa_md5
	javax.net.ssl\|INFO\|01\|main\|2023-09-26 23:12:42.680 BRT\|AlpnExtension.java:178\|No available application protocols
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.680 BRT\|SSLExtensions.java:260\|Ignore, context unavailable extension: application_layer_protocol_negotiation
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.680 BRT\|SSLExtensions.java:260\|Ignore, context unavailable extension: cookie
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.689 BRT\|SSLExtensions.java:260\|Ignore, context unavailable extension: renegotiation_info
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.689 BRT\|PreSharedKeyExtension.java:633\|No session to resume.
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.689 BRT\|SSLExtensions.java:260\|Ignore, context unavailable extension: pre_shared_key
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.692 BRT\|ClientHello.java:642\|Produced ClientHello handshake message (
	"ClientHello": {
	"client version" : "TLSv1.2",
	"random" : "2C 44 AC 74 EE 47 1C 50 1F DB 6B B4 62 94 6B 90 EB 8A 43 B8 50 45 17 64 EF 08 D8 46 88 4E 64 F3",
	"session id" : "ED 8C BC FF 18 76 F9 22 4F 32 EA 1D 0B E2 0C EB 48 47 CE 07 29 1D D6 46 0F 42 BA 0C CA E0 9B 21",
	"cipher suites" : "[TLS_AES_256_GCM_SHA384(0x1302), TLS_AES_128_GCM_SHA256(0x1301), TLS_CHACHA20_POLY1305_SHA256(0x1303), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA9), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA8), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCAA), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
	"compression methods" : "00",
	"extensions" : [
	"server_name (0)": {
	type=host_name (0), value=gabrielpadilh4.github.io
	},
	"status_request (5)": {
	"certificate status type": ocsp
	"OCSP status request": {
	"responder_id": <empty>
	"request extensions": {
	<empty>
	}
	}
	},
	"supported_groups (10)": {
	"versions": [x25519, secp256r1, secp384r1, secp521r1, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
	},
	"ec_point_formats (11)": {
	"formats": [uncompressed]
	},
	"signature_algorithms (13)": {
	"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha224, rsa_sha224]
	},
	"signature_algorithms_cert (50)": {
	"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha224, rsa_sha224]
	},
	"status_request_v2 (17)": {
	"cert status request": {
	"certificate status type": ocsp_multi
	"OCSP status request": {
	"responder_id": <empty>
	"request extensions": {
	<empty>
	}
	}
	}
	},
	"extended_master_secret (23)": {
	<empty>
	},
	"supported_versions (43)": {
	"versions": [TLSv1.3, TLSv1.2]
	},
	"psk_key_exchange_modes (45)": {
	"ke_modes": [psk_dhe_ke]
	},
	"key_share (51)": {
	"client_shares": [
	{
	"named group": x25519
	"key_exchange": {
	0000: B7 F2 60 69 23 2F BC 1F 88 27 6C C0 61 C0 FD A0 ..`i#/...'l.a...
	0010: 1C AF BF 5A A2 D6 EA 18 E8 14 36 D2 6A EF A9 62 ...Z......6.j..b
	}
	},
	]
	}
	]
	}
	)
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.707 BRT\|ServerHello.java:867\|Consuming ServerHello handshake message (
	"ServerHello": {
	"server version" : "TLSv1.2",
	"random" : "FE F5 94 68 D7 13 42 75 94 A6 04 47 3D 43 63 75 D9 5A 41 B1 62 D9 FB C1 E3 42 66 29 88 73 F4 CF",
	"session id" : "ED 8C BC FF 18 76 F9 22 4F 32 EA 1D 0B E2 0C EB 48 47 CE 07 29 1D D6 46 0F 42 BA 0C CA E0 9B 21",
	"cipher suite" : "TLS_AES_256_GCM_SHA384(0x1302)",
	"compression methods" : "00",
	"extensions" : [
	"supported_versions (43)": {
	"selected version": [TLSv1.3]
	},
	"key_share (51)": {
	"server_share": {
	"named group": x25519
	"key_exchange": {
	0000: 4A 23 FB DE 15 D8 F6 D0 3F D9 E4 BA 36 CF D8 EF J#......?...6...
	0010: E6 33 0F F1 F2 38 25 21 CA 5E C8 F4 C9 75 F6 0B .3...8%!.^...u..
	}
	},
	}
	]
	}
	)
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.707 BRT\|SSLExtensions.java:192\|Consumed extension: supported_versions
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.707 BRT\|ServerHello.java:963\|Negotiated protocol version: TLSv1.3
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.707 BRT\|SSLExtensions.java:163\|Ignore unsupported extension: server_name
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.708 BRT\|SSLExtensions.java:163\|Ignore unsupported extension: max_fragment_length
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.708 BRT\|SSLExtensions.java:163\|Ignore unsupported extension: status_request
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.708 BRT\|SSLExtensions.java:163\|Ignore unsupported extension: ec_point_formats
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.708 BRT\|SSLExtensions.java:163\|Ignore unsupported extension: application_layer_protocol_negotiation
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.708 BRT\|SSLExtensions.java:163\|Ignore unsupported extension: status_request_v2
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.708 BRT\|SSLExtensions.java:163\|Ignore unsupported extension: extended_master_secret
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.709 BRT\|SSLExtensions.java:192\|Consumed extension: supported_versions
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.710 BRT\|SSLExtensions.java:192\|Consumed extension: key_share
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.710 BRT\|SSLExtensions.java:163\|Ignore unsupported extension: renegotiation_info
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.711 BRT\|PreSharedKeyExtension.java:895\|Handling pre_shared_key absence.
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.711 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: server_name
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.711 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: max_fragment_length
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.711 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: status_request
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.711 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: ec_point_formats
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.711 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: application_layer_protocol_negotiation
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.712 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: status_request_v2
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.712 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: extended_master_secret
	javax.net.ssl\|WARNING\|01\|main\|2023-09-26 23:12:42.712 BRT\|SSLExtensions.java:215\|Ignore impact of unsupported extension: supported_versions
	javax.net.ssl\|WARNING\|01\|main\|2023-09-26 23:12:42.712 BRT\|SSLExtensions.java:215\|Ignore impact of unsupported extension: key_share
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.712 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: renegotiation_info
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.712 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: pre_shared_key
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.718 BRT\|SSLCipher.java:1866\|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE
	countdown value = 137438953472
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.720 BRT\|SSLCipher.java:2020\|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE
	countdown value = 137438953472
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.720 BRT\|ChangeCipherSpec.java:246\|Consuming ChangeCipherSpec message
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.728 BRT\|EncryptedExtensions.java:171\|Consuming EncryptedExtensions handshake message (
	"EncryptedExtensions": [
	"server_name (0)": {
	<empty extension_data field>
	}
	]
	)
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.728 BRT\|SSLExtensions.java:192\|Consumed extension: server_name
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.729 BRT\|SSLExtensions.java:173\|Ignore unavailable extension: max_fragment_length
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.729 BRT\|SSLExtensions.java:173\|Ignore unavailable extension: supported_groups
	javax.net.ssl\|WARNING\|01\|main\|2023-09-26 23:12:42.729 BRT\|SSLExtensions.java:215\|Ignore impact of unsupported extension: server_name
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.729 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: max_fragment_length
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.729 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: supported_groups
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.729 BRT\|SSLExtensions.java:207\|Ignore unavailable extension: application_layer_protocol_negotiation
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.746 BRT\|CertificateMessage.java:1172\|Consuming server Certificate handshake message (
	"Certificate": {
	"certificate_request_context": "",
	"certificate_list": [
	{
	"certificate" : {
	"version" : "v3",
	"serial number" : "04 4D 72 D7 7C DD A7 02 DD 5A 67 F2 A2 3B BD D9",
	"signature algorithm": "SHA256withRSA",
	"issuer" : "CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US",
	"not before" : "2023-02-20 21:00:00.000 BRT",
	"not after" : "2024-03-20 20:59:59.000 BRT",
	"subject" : "CN=*.github.io, O="GitHub, Inc.", L=San Francisco, ST=California, C=US",
	"subject public key" : "RSA",
	"extensions" : [
	{
	ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
	},
	{
	ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
	AuthorityInfoAccess [
	[
	accessMethod: ocsp
	accessLocation: URIName: http://ocsp.digicert.com
	,
	accessMethod: caIssuers
	accessLocation: URIName: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt
	]
	]
	},
	{
	ObjectId: 2.5.29.35 Criticality=false
	AuthorityKeyIdentifier [
	KeyIdentifier [
	0000: B7 6B A2 EA A8 AA 84 8C 79 EA B4 DA 0F 98 B2 C5 .k......y.......
	0010: 95 76 B9 F4 .v..
	]
	]
	},
	{
	ObjectId: 2.5.29.19 Criticality=false
	BasicConstraints:[
	CA:false
	PathLen: undefined
	]
	},
	{
	ObjectId: 2.5.29.31 Criticality=false
	CRLDistributionPoints [
	[DistributionPoint:
	[URIName: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl]
	, DistributionPoint:
	[URIName: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl]
	]]
	},
	{
	ObjectId: 2.5.29.32 Criticality=false
	CertificatePolicies [
	[CertificatePolicyId: [2.23.140.1.2.2]
	[PolicyQualifierInfo: [
	qualifierID: 1.3.6.1.5.5.7.2.1
	qualifier: 0000: 16 1B 68 74 74 70 3A 2F 2F 77 77 77 2E 64 69 67 ..http://www.dig
	0010: 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 icert.com/CPS

	]] ]
	]
	},
	{
	ObjectId: 2.5.29.37 Criticality=false
	ExtendedKeyUsages [
	serverAuth
	clientAuth
	]
	},
	{
	ObjectId: 2.5.29.15 Criticality=true
	KeyUsage [
	DigitalSignature
	Key_Encipherment
	]
	},
	{
	ObjectId: 2.5.29.17 Criticality=false
	SubjectAlternativeName [
	DNSName: *.github.io
	DNSName: github.io
	DNSName: *.github.com
	DNSName: github.com
	DNSName: www.github.com
	DNSName: *.githubusercontent.com
	DNSName: githubusercontent.com
	]
	},
	{
	ObjectId: 2.5.29.14 Criticality=false
	SubjectKeyIdentifier [
	KeyIdentifier [
	0000: 8D 02 1C 75 5A CD C6 A6 41 78 69 28 C3 F7 AA A7 ...uZ...Axi(....
	0010: 98 3B D5 BB .;..
	]
	]
	}
	]}
	"extensions": {
	"status_request (5)": {
	"certificate status response type": ocsp
	"OCSP status response": {
	OCSP Response:
	Response Status: SUCCESSFUL
	Responder ID: byKey: B76BA2EAA8AA848C79EAB4DA0F98B2C59576B9F4
	Produced at: Mon Sep 25 08:13:15 BRT 2023
	1 response:
	SingleResponse:
	CertId
	Algorithm: SHA-1
	issuerNameHash
	0000: E4 E3 95 A2 29 D3 D4 C1 C3 1F F0 98 0C 0B 4E C0 ....).........N.
	0010: 09 8A AB D8
	issuerKeyHash:
	0000: B7 6B A2 EA A8 AA 84 8C 79 EA B4 DA 0F 98 B2 C5 .k......y.......
	0010: 95 76 B9 F4
	SerialNumber: [ 044d72d7 7cdda702 dd5a67f2 a23bbdd9]
	CertStatus: GOOD
	thisUpdate is Mon Sep 25 07:57:01 BRT 2023
	nextUpdate is Mon Oct 02 06:57:01 BRT 2023
	}
	}
	}
	},
	{
	"certificate" : {
	"version" : "v3",
	"serial number" : "06 D8 D9 04 D5 58 43 46 F6 8A 2F A7 54 22 7E C4",
	"signature algorithm": "SHA256withRSA",
	"issuer" : "CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
	"not before" : "2021-04-13 21:00:00.000 BRT",
	"not after" : "2031-04-13 20:59:59.000 BRT",
	"subject" : "CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US",
	"subject public key" : "RSA",
	"extensions" : [
	{
	ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
	AuthorityInfoAccess [
	[
	accessMethod: ocsp
	accessLocation: URIName: http://ocsp.digicert.com
	,
	accessMethod: caIssuers
	accessLocation: URIName: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt
	]
	]
	},
	{
	ObjectId: 2.5.29.35 Criticality=false
	AuthorityKeyIdentifier [
	KeyIdentifier [
	0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
	0010: B2 3D D1 55 .=.U
	]
	]
	},
	{
	ObjectId: 2.5.29.19 Criticality=true
	BasicConstraints:[
	CA:true
	PathLen:0
	]
	},
	{
	ObjectId: 2.5.29.31 Criticality=false
	CRLDistributionPoints [
	[DistributionPoint:
	[URIName: http://crl3.digicert.com/DigiCertGlobalRootCA.crl]
	]]
	},
	{
	ObjectId: 2.5.29.32 Criticality=false
	CertificatePolicies [
	[CertificatePolicyId: [2.16.840.1.114412.2.1]
	[] ]
	[CertificatePolicyId: [2.23.140.1.1]
	[] ]
	[CertificatePolicyId: [2.23.140.1.2.1]
	[] ]
	[CertificatePolicyId: [2.23.140.1.2.2]
	[] ]
	[CertificatePolicyId: [2.23.140.1.2.3]
	[] ]
	]
	},
	{
	ObjectId: 2.5.29.37 Criticality=false
	ExtendedKeyUsages [
	serverAuth
	clientAuth
	]
	},
	{
	ObjectId: 2.5.29.15 Criticality=true
	KeyUsage [
	DigitalSignature
	Key_CertSign
	Crl_Sign
	]
	},
	{
	ObjectId: 2.5.29.14 Criticality=false
	SubjectKeyIdentifier [
	KeyIdentifier [
	0000: B7 6B A2 EA A8 AA 84 8C 79 EA B4 DA 0F 98 B2 C5 .k......y.......
	0010: 95 76 B9 F4 .v..
	]
	]
	}
	]}
	"extensions": {
	<no extension>
	}
	},
	]
	}
	)
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.747 BRT\|SSLExtensions.java:192\|Consumed extension: status_request
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.747 BRT\|SSLExtensions.java:173\|Ignore unavailable extension: status_request
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.780 BRT\|CertificateVerify.java:1163\|Consuming CertificateVerify handshake message (
	"CertificateVerify": {
	"signature algorithm": rsa_pss_rsae_sha256
	"signature": {
	0000: 75 E8 3E 8A 69 92 E1 74 DD 5E 69 A4 B2 2E EB F5 u.>.i..t.^i.....
	0010: 11 C9 83 B3 94 C9 C4 0A 58 A5 C7 79 C0 F7 9A 65 ........X..y...e
	0020: 8E D8 A6 00 00 04 83 A3 12 A6 21 C9 D0 88 03 E2 ..........!.....
	0030: 3C 5C 19 2C C8 2B 99 DE 7E 0C 84 AC 2D 2C 8D 53 <\.,.+......-,.S
	0040: F5 01 5D 5A 45 A0 1B B8 C3 13 AB 94 C5 EB 94 86 ..]ZE...........
	0050: C4 50 C7 3F 43 C4 09 4D 83 C2 0A 4E 73 32 63 CE .P.?C..M...Ns2c.
	0060: 11 42 7C 49 CA B1 A5 2E 0B E4 28 6F BA 9F 7E F9 .B.I......(o....
	0070: AF 0E 76 47 07 CA C8 EE 1F 2D D9 A8 49 C0 27 9F ..vG.....-..I.'.
	0080: 6B 51 53 BB 5F B4 53 BF E1 A4 E7 30 48 E8 72 C4 kQS._.S....0H.r.
	0090: 6A 27 D1 FA 65 37 D3 B0 B9 74 E3 34 7B 28 F0 00 j'..e7...t.4.(..
	00A0: EF 01 0F 13 41 B5 5E 7C 3A F0 FB 76 94 22 D6 30 ....A.^.:..v.".0
	00B0: 09 C2 29 71 1D C0 B6 73 FA 58 1B 27 CF 64 4A 18 ..)q...s.X.'.dJ.
	00C0: F8 F6 E9 A0 CF B8 8B 55 34 0E FB 1E 18 78 88 91 .......U4....x..
	00D0: 9B 7E AD 19 0C 15 45 A2 19 B1 BC 1C 03 2F 47 73 ......E....../Gs
	00E0: 06 3C 4E DC 89 FE A2 2D 0F A8 75 B0 DD 30 C6 BC .<N....-..u..0..
	00F0: C8 E7 BE 2C E1 7B A2 52 BF B7 3E 69 C9 94 E8 8A ...,...R..>i....
	}
	}
	)
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.782 BRT\|Finished.java:898\|Consuming server Finished handshake message (
	"Finished": {
	"verify data": {
	0000: 17 5E BB D3 90 00 11 4C C6 BE 34 27 CC 6D 13 80 .^.....L..4'.m..
	0010: 67 DA A0 CA C1 95 D0 B9 81 77 C0 55 83 14 2F BF g........w.U../.
	0020: D1 8D 76 31 61 EA 77 C2 56 74 7C 54 E7 28 71 F0 ..v1a.w.Vt.T.(q.
	}'}
	)
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.783 BRT\|SSLCipher.java:1866\|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE
	countdown value = 137438953472
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.784 BRT\|Finished.java:673\|Produced client Finished handshake message (
	"Finished": {
	"verify data": {
	0000: 41 D3 66 DF A5 2F 8B 76 41 D2 4F DE 60 E7 83 C8 A.f../.vA.O.`...
	0010: FB 09 CB 8F A0 E2 10 EA C8 77 0B 75 E6 49 64 B9 .........w.u.Id.
	0020: 89 A7 FD 60 04 4F D4 66 14 A9 30 4D C3 6E 2C 4A ...`.O.f..0M.n,J
	}'}
	)
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.784 BRT\|SSLCipher.java:2020\|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE
	countdown value = 137438953472
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.785 BRT\|SSLSocketImpl.java:578\|duplex close of SSLSocket
	javax.net.ssl\|DEBUG\|01\|main\|2023-09-26 23:12:42.785 BRT\|SSLSocketImpl.java:1760\|close the SSL connection (passive)