$ wget -dv https://invisible-mirror.net/archives/
Setting --verbose (verbose) to 1
DEBUG output created by Wget 1.21.1 on cygwin.

Reading HSTS entries from $HOME/.wget-hsts
URI encoding = ‘UTF-8’
Converted file name 'index.html' (UTF-8) -> 'index.html' (UTF-8)
--2021-10-02 13:18:02--  https://invisible-mirror.net/archives/
Certificates loaded: 167
Resolving invisible-mirror.net (invisible-mirror.net)... 160.153.42.69
Caching invisible-mirror.net => 160.153.42.69
Connecting to invisible-mirror.net (invisible-mirror.net)|160.153.42.69|:443... connected.
Created socket 3.
Releasing 0x00000008001febb0 (new refcount 1).
ERROR: The certificate of ‘invisible-mirror.net’ is not trusted.
ERROR: The certificate of ‘invisible-mirror.net’ has expired.
$ 
$ curl -Iv --trace-ascii - https://invisible-mirror.net/archives/
Warning: --trace-ascii overrides an earlier trace/verbose option
== Info: STATE: INIT => CONNECT handle 0x8000bf178; line 1789 (connection #-5000)
== Info: Added connection 0. The cache now contains 1 members
== Info: STATE: CONNECT => RESOLVING handle 0x8000bf178; line 1835 (connection #0)
== Info: family0 == v4, family1 == v6
== Info:   Trying 160.153.42.69:443...
== Info: STATE: RESOLVING => CONNECTING handle 0x8000bf178; line 1917 (connection #0)
== Info: Connected to invisible-mirror.net (160.153.42.69) port 443 (#0)
== Info: STATE: CONNECTING => PROTOCONNECT handle 0x8000bf178; line 1980 (connection #0)
== Info: ALPN, offering h2
== Info: ALPN, offering http/1.1
== Info: successfully set certificate verify locations:
== Info:  CAfile: /etc/pki/tls/certs/ca-bundle.crt
== Info:  CApath: none
== Info: Didn't find Session ID in cache for host HTTPS://invisible-mirror.net:443
=> Send SSL data, 5 bytes (0x5)
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
== Info: STATE: PROTOCONNECT => PROTOCONNECTING handle 0x8000bf178; line 2000 (connection #0)
<= Recv SSL data, 5 bytes (0x5)
== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 106 bytes (0x6a)
<= Recv SSL data, 5 bytes (0x5)
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 2472 bytes (0x9a8)
=> Send SSL data, 5 bytes (0x5)
== Info: TLSv1.2 (OUT), TLS alert, certificate expired (557):
=> Send SSL data, 2 bytes (0x2)
== Info: SSL certificate problem: certificate has expired
== Info: multi_done
== Info: The cache now contains 0 members
== Info: Closing connection 0
== Info: Expire cleared (transfer 0x8000bf178)
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
$ 
$ wget2 -dv https://invisible-mirror.net/archives/
02.131808.926 Local URI encoding = 'UTF-8'
02.131808.927 Input URI encoding = 'UTF-8'
02.131808.947 Fetched HSTS data from '$HOME/.local/share/wget/.wget-hsts'
02.131808.950 Fetched HPKP data from '$HOME/.local/share/wget/.wget-hpkp'
02.131808.953 Fetched OCSP hosts from '$HOME/.local/share/wget/.wget-ocsp_hosts'
02.131808.956 Fetched OCSP fingerprints from '$HOME/.local/share/wget/.wget-ocsp'
02.131808.956 set_exit_status(0)
02.131808.956 *url =
02.131808.956 *3 https://invisible-mirror.net/archives/
02.131808.956 local filename = 'index.html'
02.131808.956 host_add_job: job fname index.html
02.131808.956 host_add_job: 0x8000a0720 https://invisible-mirror.net/archives/
02.131808.956 host_add_job: qsize 1 host-qsize=1
02.131808.956 queue_size: qsize=1
02.131808.956 queue_size: qsize=1
02.131808.957 queue_size: qsize=1
02.131808.957 [0] action=1 pending=0 host=0x0
02.131808.957 dequeue job https://invisible-mirror.net/archives/
02.131808.957 resolving invisible-mirror.net:443...
02.131808.991 has 160.153.42.69:443
02.131808.991 trying 160.153.42.69:443...
02.131808.992 GnuTLS init
02.131809.130 GnuTLS system certificate store is empty
02.131809.130 Certificates loaded: 167
02.131809.131 GnuTLS init done
02.131809.131 TLS False Start requested
02.131809.131 ALPN offering h2
02.131809.131 ALPN offering http/1.1
ERROR: The certificate is NOT trusted. The certificate chain uses expired certificate.
02.131809.442 gnutls_handshake: (-43) Error in the certificate. (errno=11)
02.131809.442 ALPN: Server accepted protocol 'h2'
----
Certificate info [0]:
  Valid since: 2021 Aug 01 Sun 11:19:48
  Expires: 2021 Oct 30 Sat 11:19:46
  Fingerprint: 5f45fb6a2fb7799fd180c574e6756eb6
  Serial number: 5f45fb6a2fb7799fd180c574e6756eb6
  Public key: RSA, Medium (2048 bits)
  Version: #3
  DN: CN=invisible-mirror.net
  Issuer's DN: C=US,O=Let's Encrypt,CN=R3
  Issuer's OID: 2.5.4.6
  Issuer's UID: 2.5.4.6
Certificate info [1]:
  Valid since: 2020 Oct 07 Wed 13:21:40
  Expires: 2021 Sep 29 Wed 13:21:40
  Fingerprint: 312128f5a0ed7ba54b6582928756ba83
  Serial number: 312128f5a0ed7ba54b6582928756ba83
  Public key: RSA, Medium (2048 bits)
  Version: #3
  DN: C=US,O=Let's Encrypt,CN=R3
  Issuer's DN: O=Digital Signature Trust Co.,CN=DST Root CA X3
  Issuer's OID: 2.5.4.10
  Issuer's UID: 2.5.4.10
----
Ephemeral ECDH using curve (null)
Key Exchange: ECDHE-RSA
Protocol: TLS1.2
Certificate Type: X.509
Cipher: NULL
MAC: MAC-NULL
----
02.131809.443 closing connection
Failed to connect: Certificate error
02.131809.443 host_final_failure: qsize=0
02.131809.443 set_exit_status(5)
02.131809.443 host_increase_failure: invisible-mirror.net failures=1
02.131809.443 [0] action=3 pending=1 host=0x8000a06a0
02.131809.443 released job https://invisible-mirror.net/archives/
02.131809.443 [0] action=1 pending=0 host=0x0
02.131809.443 host invisible-mirror.net is blocked (qsize=1)
02.131809.443 main: wake up
02.131809.443 main: done
02.131809.450 Successfully updated '$HOME/.local/share/wget/.wget-ocsp_hosts'.
02.131809.451 Saved OCSP hosts to '$HOME/.local/share/wget/.wget-ocsp_hosts'
02.131809.457 Successfully updated '$HOME/.local/share/wget/.wget-ocsp'.
02.131809.458 Saved OCSP fingerprints to '$HOME/.local/share/wget/.wget-ocsp'
02.131809.458 blacklist https://invisible-mirror.net/archives/