gnutls-cli www.torproject.org                                                                                                           
Resolving 'www.torproject.org'...
Connecting to '38.229.72.14:443'...
- Session ID: FE:5A:D0:67:F9:7C:2D:03:E8:F0:E2:35:38:2D:F4:D0:D9:32:F7:95:B1:D6:E6:2F:78:F2:2B:D8:64:EB:2E:D1
- Certificate type: X.509
 - Got a certificate list of 2 certificates.
 - Certificate[0] info:
  - subject `C=US,ST=Massachusetts,L=Walpole,O=The Tor Project\, Inc.,CN=*.torproject.org', issuer `C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert High Assurance CA-3', RSA key 2048 bits, signed using RSA-SHA256, activated `2011-02-15 00:00:00 UTC', expires `2013-04-19 23:59:59 UTC', SHA-1 fingerprint `a7e70f8a648fe04a9677f13eedf6f91b5f7f2e25'
 - Certificate[1] info:
  - subject `C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert High Assurance CA-3', issuer `C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert High Assurance EV Root CA', RSA key 2048 bits, signed using RSA-SHA1, activated `2007-04-03 00:00:00 UTC', expires `2022-04-03 00:00:00 UTC', SHA-1 fingerprint `a2e32a1a2e9fab6ead6b05f64ea0641339e10011'
- The hostname in the certificate matches 'www.torproject.org'.
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Ephemeral Diffie-Hellman parameters
 - Using prime: 1024 bits
 - Secret key: 1023 bits
 - Peer's public key: 1019 bits
- Version: TLS1.0
- Key Exchange: DHE-RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed