Maybe your clock is wrong, maybe they're man in the middling the connection for network surveillance reasons.

It works for me. The cert is issued by DigiCert Inc and the sha1 fingerprint is DE:20:3D:46:FD:C3:68:EB:BA:40:56:39:F5:FA:FD:F5:4E:3A:1F:83

I have a completely different cert, issued by Cisco Umbrella Secondary SubCA ash-SG:

sha1 - 3B:AE:49:04:9E:6A:3D:BE:96:08:60:F0:9B:6B:2F:03:4F:E9:8C:43

Cisco Umbrella seems to be some type of security product for networks. Are you using a computer belonging to your employer or with employer software installed? They could be MITMing you. It seems odd that the Tor project would be using a Cisco product like that.

What about the cert for Hacker News, or my website https://throwpass.com ?

Other certs validate, it might be site-specific from my employer (I'm on my employer's network)?

OpenDNS/Cisco Umbrella is basically a DNS-level security service that analyzes your DNS queries, blocks known malware domains, etc.

For some high-risk domains - depending on some settings - it will also switch to MitM'ing the connection to take a closer look at the traffic and block it on that level if necessary. It might also just be necessary to show the "This domain is blocked" page when you're requesting a site via https. Usually, your employer would pre-install their CA certificate, which would bypass the HSTS warning, but I suppose this might be a BYOD setting (or they just forgot/didn't like the idea of Cisco being able to MitM all the things).

Are you using firefox? I had an issue recently where my max tls version had been set to 1. Min version was also 1, max is supposed to be 3. Check about:config.

Same here, I'm at work though, so it's probably my company.

Looks fine here, maybe try archive.is?