After this excellent talk at NDSS 17 <https://www.internetsociety.org/doc/security-impact-https-interception>, I wanted to see if there are some Atlas probes behind such an interceptor. I cannot run on all Atlas probes (maximum daily spending limit) but I've found at least one:
% python cert.py --requested 500 --area North-Central --issuer www.afnic.fr 497 probes reported [<X509Name object '/C=NL/O=OCOM/OU=Security Dep/CN=amspan01.ocom.lan/[email protected]'>] : 1 occurrences [<X509Name object '/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Extended Validation CA - SHA256 - G2'>] : 496 occurrences Test #7854923 done at 2017-03-03T16:20:43Z The probe is #10035, in Amsterdam <https://atlas.ripe.net/probes/10035/#!tab-general> The cert.py program is at <https://github.com/RIPE-Atlas-Community/ripe-atlas-community-contrib>
