Now we're getting somewhere!
As you can see from my earlier post I was considering an SSL MITM and at the same time kind of doubting it would work. You finding the request URL in plaintext changes things though. If GAMEFREAK's code doesn't break upon modifying that URL to use plain HTTP we could set up a proxy server to log whatever comes from the DS, SSL-ify it, and relay it to the real server then do the same thing in reverse for what the server sends back. Once we know the protocol we could use some of the same techniques to set up a fake server. The catch is that it would require ROM hacking; I may try to focus on methods that wouldn't require ROM hacking first.
Awesome find. I've searched all over for this but I never thought to look for just a partial URL. This'll be very useful; we could probably have a working client without anything more than this.
I've seen these before and they are definitely SSL/certificate related. They're not the private key though; I'm not sure how much you know about RSA, but the private key never needs to leave the server for the whole SSL scheme to work; having it on the DS would be pointless and even more insecure than GF normally is.
However, I am noticing good things that I failed to see before. The dls1 server's certificate correlates with "US, Washington, Nintendo of America Inc, NOA, Nintendo CA, ca@noa.nintendo.com" (those are several of the fields on the certificate). Each of the bytestrings you copied looks to be a public key (it's the correct length for a 1024-bit key) and some metadata. The metadata actually precedes the "name" part.
Like this:
01 00 01 00 E0 CA 20 02 80 00 00 00 30 CB 20 02 03 00 00 00 C8 CA 20 02 // metadata
55 53 2C 20 57 61 73 68 69 6E 67 74 6F 6E 2C 20 4E 69 6E 74 65 6E 64 6F // "US, Washington, Nintendo of America Inc, NOA, Nintendo CA, ca@noa.nintendo.com"
20 6F 66 20 41 6D 65 72 69 63 61 20 49 6E 63 2C 20 4E 4F 41 2C 20 4E 69
6E 74 65 6E 64 6F 20 43 41 2C 20 63 61 40 6E 6F 61 2E 6E 69 6E 74 65 6E
64 6F 2E 63 6F 6D 00 00
B3 CD 79 97 77 5D 8A AF 86 A8 E8 D7 73 1C 77 DF 10 90 1F 81 F8 41 9E 21 // 1024 bit RSA public key of Nintendo CA
55 DF BC FC 63 FB 19 43 F1 F6 C4 72 42 49 BD AD 44 68 4E F3 DA 1D E6 4D
D8 F9 59 88 DC AE 3E 9B 38 09 CA 7F FF DC 24 A2 44 78 78 49 93 D4 84 40
10 B8 EC 3E DB 2D 93 C8 11 C8 FD 78 2D 61 AD 31 AE 86 26 B0 FD 5A 3F A1
3D BF E2 4B 49 EC CE 66 98 58 26 12 C0 FB F4 77 65 1B EA FB CB 7F E0 8C
CB 02 A3 4E 5E 8C EA 9B
I've gotta check if the key is encrypted at all to prevent tampering...
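
Added example, not part of the original posts: a Python parser that splits the blob quoted above into the three parts the post identifies (metadata, name, key). Reading the metadata as six little-endian 32-bit words and comparing their spacing with the section sizes are assumptions made here, and `split_blob` and `layout_deltas` are hypothetical names.

```python
import struct

# Bytes copied from the dump in the post: metadata, name, then the key.
BLOB = bytes.fromhex("""
01 00 01 00 E0 CA 20 02 80 00 00 00 30 CB 20 02 03 00 00 00 C8 CA 20 02
55 53 2C 20 57 61 73 68 69 6E 67 74 6F 6E 2C 20 4E 69 6E 74 65 6E 64 6F
20 6F 66 20 41 6D 65 72 69 63 61 20 49 6E 63 2C 20 4E 4F 41 2C 20 4E 69
6E 74 65 6E 64 6F 20 43 41 2C 20 63 61 40 6E 6F 61 2E 6E 69 6E 74 65 6E
64 6F 2E 63 6F 6D 00 00
B3 CD 79 97 77 5D 8A AF 86 A8 E8 D7 73 1C 77 DF 10 90 1F 81 F8 41 9E 21
55 DF BC FC 63 FB 19 43 F1 F6 C4 72 42 49 BD AD 44 68 4E F3 DA 1D E6 4D
D8 F9 59 88 DC AE 3E 9B 38 09 CA 7F FF DC 24 A2 44 78 78 49 93 D4 84 40
10 B8 EC 3E DB 2D 93 C8 11 C8 FD 78 2D 61 AD 31 AE 86 26 B0 FD 5A 3F A1
3D BF E2 4B 49 EC CE 66 98 58 26 12 C0 FB F4 77 65 1B EA FB CB 7F E0 8C
CB 02 A3 4E 5E 8C EA 9B
""")

META_LEN = 24   # metadata size as annotated in the post
KEY_LEN = 128   # 1024-bit key, per the post


def split_blob(blob, meta_len=META_LEN, key_len=KEY_LEN):
    """Split one blob into (metadata words, name, key bytes)."""
    if len(blob) < meta_len + 1 + key_len:
        raise ValueError("blob too short for metadata + name + key")
    # Assumption: the metadata is a run of little-endian 32-bit words.
    words = struct.unpack("<%dI" % (meta_len // 4), blob[:meta_len])
    name_field = blob[meta_len:len(blob) - key_len]
    name, _, padding = name_field.partition(b"\x00")
    if padding.strip(b"\x00"):
        raise ValueError("non-NUL bytes after the name terminator")
    return words, name.decode("ascii"), blob[-key_len:]


def layout_deltas(words, blob_len, meta_len=META_LEN, key_len=KEY_LEN):
    """Check whether the spacing of the metadata words matches the blob layout."""
    # Assumption: words 5, 1 and 3 are treated as addresses only because
    # their spacing matches the sections; the post does not say what they are.
    name_field_len = blob_len - meta_len - key_len
    return (words[1] - words[5] == meta_len,
            words[3] - words[1] == name_field_len,
            words[2] == key_len)


if __name__ == "__main__":
    words, name, key = split_blob(BLOB)
    print([hex(w) for w in words])
    print(name, len(key) * 8, layout_deltas(words, len(BLOB)))
```

All three checks come back true for this blob, which is consistent with the metadata holding addresses and a length for the sections that follow it; what the remaining words mean is left open.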