-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Since we're using Let's Encrypt, the fingerprint of the certificate is
not that useful (although this statement in itself can be considered a
poor man's CAA: the issuer should be Let's Encrypt). Here's the key
fingerprint in HPKP format (256-bit SHA-2 in Base64 encoding):
GDsPiknRjmuM06cdPPSNnQ1ViZEQIky2LJ0N0Rk0LTo=
You can reproduce this using the following command line:
$ openssl x509 -in cert.pem -pubkey -noout | openssl rsa -pubin \
-outform DER | openssl dgst -sha256 -binary | base64
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEJ48WP6uw7+QSibqgdVkYHpQXbMwFAlp8XNgACgkQdVkYHpQX
bMzrywgAjjYX1eWwTiz5O7H7LPSi7iJ6Wgm6QQSw+dbU+v4MVJUAHBbvYoYj0ijS
qwpHUtHCjUVJsuiWLGkRm2eXszqSve9ZKl3CPPOLdEVHMh++bF33B1vUkvMOAuG8
1w3MwVs4cFEC7HWqBLIVjdAO1xCMZicd280Owm4jLlyihf+b95XEAdhXjnklq7Gp
RdiTwK+c0gde9ZnGl6Ntz0/ANuEIPKC27Gg2vmO9NGdJJHkoCcAlFUx6nukPsBjb
qTNoZI1xbkTMtQfe+iQPxyW5DhG4MzupZVEKZ9cgXOHuAfYncOW0G4XLBZQ1ClvH
4imb1uJenDMJyrAtVbK6QDvTLz3wYw==
=yvk1
-----END PGP SIGNATURE-----