SSL Certificates- _certs file not complete

[adisidis]

Hey,

According to the study, the _hosts file consists the endpoint's X509 cert/s hash/s in the same order they were seen.
And indeed the above declaration is correct and implemented.

Unfortunately, the _certs (and _names) files do not follow this scheme. Thus pairing a X509 SHA-1's cert from the _hosts file to it's base64-encoded X509 certificate itself is impossible.

For example,

Hosts file:

head -n 9 2020-12-28-1609117501-https_get_443_hosts
212.247.165.132,27ac9369faf25207bb2627cefaccbe4ef9c319b8
212.247.165.132,ed255a66b19749313e098bcfcf25e5c84e478410
212.247.165.132,340b2880f446fcc04e59ed33f52b3d08d6242964
54.213.64.93,917e732d330f9a12404f73d8bea36948b929dffc
54.213.64.93,06b25927c42a721631c1efd9431e648fa62e1e39
54.213.64.93,9e99a48a9960b14926bb7f3b02e22da2b0ab7280
54.213.64.93,a78bb9f1e8f1574065c363ecc1aa8ca9b08503cb
92.53.120.226,bd567aa361e9f3bc6d0cf895cc8a7e5d7c409653
92.53.120.226,48504e974c0dac5b5cd476c8202274b24c8c7172

Certs file:

head -n 9 2020-12-28-1609117501-https_get_443_certs
ed255a66b19749313e098bcfcf25e5c84e478410,.{removed b64 blobs}.
a78bb9f1e8f1574065c363ecc1aa8ca9b08503cb,...
bd567aa361e9f3bc6d0cf895cc8a7e5d7c409653,...
48504e974c0dac5b5cd476c8202274b24c8c7172,...
254cd797b8e03d2ce4bb19236146cc4fdb219fd9,...
626d44e704d1ceabe3bf0d53397464ac8080142c,...
43bcf564986cf5ad68609f07f86c85e8ad02d149,...
ed902d3c4a731711ce3aca763aa9d4e71e3af3ef,...
d60147ee116acb82439f9a96debd7dcd592fbe5f,...