As an update (not that anybody really cares :) ) The key has been updated and also verifies again.
Fun detail is that they updated all the signatures too, which is partially good as at least one can verify them; one cannot know for sure when they updated it (well, except for folks like me who pull the directory and git and keep a watch on it that way). Greets, Jeroen -- > On 20210331, at 16:53, Jeroen Massar <[email protected]> wrote: > > As it is 1 april tomorrow, some things expired yesterday: > > Not After : Mar 30 13:28:58 2021 GMT > > That thing is.... the COMLOT key to verify those Geldspielgesetz keys for > their fun list of worldwide casinos: > https://blacklist.comlot.ch/comlot_blacklist.txt > > see full cert details below. > > You can get the key with or attached: > > $ wget -vS https://blacklist.comlot.ch/blacklist.comlot.ch.pub > --2021-03-31 16:50:00-- https://blacklist.comlot.ch/blacklist.comlot.ch.pub > Resolving blacklist.comlot.ch (blacklist.comlot.ch)... 194.187.88.5 > Connecting to blacklist.comlot.ch (blacklist.comlot.ch)|194.187.88.5|:443... > connected. > HTTP request sent, awaiting response... > HTTP/1.1 200 OK > Server: nginx/1.14.2 > Date: Wed, 31 Mar 2021 14:50:01 GMT > Content-Type: application/octet-stream > Content-Length: 2927 > Connection: keep-alive > Last-Modified: Wednesday, 31-Mar-2021 14:50:01 GMT > Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, > max-age=0 > Strict-Transport-Security: max-age=15768000 > Accept-Ranges: bytes > Length: 2927 (2.9K) [application/octet-stream] > Saving to: ‘blacklist.comlot.ch.pub’ > > blacklist.comlot.ch.pub > 100%[==========================================================>] 2.86K > --.-KB/s in 0s > > 2021-03-31 16:50:01 (558 MB/s) - ‘blacklist.comlot.ch.pub’ saved [2927/2927] > > Funny that nginx claims the file changed... the moment I downloaded it, bit > strange for a static file. > > > Anybody has contacts at COMLOT. As technically speaking, we should not be > updating the list anymore into RPZ now; the process I have is thus stuck at > the list from yesterday.... (not that it matters, with such a nice list, a > bit of VPN and/or simply choosing any non-provider DNS server and voila... > bypassed the law.... you, know, Their Law! > > https://www.youtube.com/watch?v=zKNoU2P0dQc > > Enjoy! > > Greet, > Jeroen > > -- > > > openssl x509 -in blacklist.comlot.ch.pub -text > Certificate: > Data: > Version: 3 (0x2) > Serial Number: > 61:5d:a4:eb:83:eb:a0:a3:be:97:59:c9:56:9b:28:e9 > Signature Algorithm: sha256WithRSAEncryption > Issuer: C = CH, O = SwissSign AG, CN = SwissSign CH Person Platinum CA > 2017 - G22, organizationIdentifier = NTRCH-CHE-109.357.012 > Validity > Not Before: Mar 30 13:28:58 2020 GMT > Not After : Mar 30 13:28:58 2021 GMT > Subject: C = CH, L = Bern, ST = BE, organizationIdentifier = > NTRCH-CHE-196.380.112, O = Lotterie- und Wettkommission Comlot, CN = > Lotterie- und Wettkommission Comlot > Subject Public Key Info: > Public Key Algorithm: rsaEncryption > RSA Public-Key: (2048 bit) > Modulus: > 00:8d:2c:7f:48:c2:07:30:b9:fa:29:26:1d:29:83: > 82:41:ef:73:2e:8e:dc:de:28:a4:6b:0b:93:0d:19: > b6:ee:d2:c5:63:95:3f:d0:ed:a7:f3:80:70:e3:07: > 48:6e:f3:e7:5a:d1:fd:80:d5:2e:4e:6d:3d:e1:db: > 8e:44:2f:4f:a7:21:58:1d:c9:59:40:9b:97:85:4c: > b6:5a:f6:cc:1a:71:a1:ef:59:59:65:f2:6c:be:25: > 74:15:37:29:40:b1:6c:6d:3b:43:82:85:ee:5b:e8: > 01:86:92:32:a5:f8:a9:ba:8b:85:6e:14:6e:ca:cc: > 33:35:ff:7e:b7:fb:1c:c6:dc:c3:c4:f8:31:7b:73: > c8:91:86:59:07:4b:75:1f:10:68:50:61:93:19:5b: > ac:3d:43:c4:49:0a:ea:17:1b:ea:0e:f5:c1:7f:d5: > db:c0:58:c5:61:19:dd:05:b7:b5:35:27:85:ea:ec: > 70:6e:c5:a6:d5:c1:ca:5b:85:3e:42:08:14:f0:01: > aa:b5:47:93:ed:ed:eb:20:35:db:d8:d8:58:da:6b: > dc:3d:14:ee:e1:91:c8:85:12:d5:59:9c:fc:4f:04: > 0e:f5:a4:d5:c0:ab:ec:57:6b:c1:d9:8f:1d:6b:dc: > bf:5a:0e:58:a0:4c:01:0f:13:31:c0:0b:dd:ac:aa: > 2b:6f > Exponent: 65537 (0x10001) > X509v3 extensions: > X509v3 Key Usage: critical > Digital Signature > X509v3 Basic Constraints: > CA:FALSE > X509v3 Subject Key Identifier: > 1B:2B:A0:91:2C:6F:2B:92:49:EC:96:04:BD:1C:8D:36:35:45:4D:76 > X509v3 Authority Key Identifier: > keyid:1E:C8:04:6D:FB:72:62:51:60:A2:73:24:6F:BE:F2:5F:4D:34:92:FC > > X509v3 CRL Distribution Points: > > Full Name: > URI:http://crl.swisssign.net/1EC8046DFB72625160A273246FBEF25F4D3492FC > > Full Name: > URI:ldap://directory.swisssign.com/CN=1EC8046DFB72625160A273246FBEF25F4D3492FC%2CO=SwissSign%20AG%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint > > X509v3 Certificate Policies: > Policy: 2.16.756.1.89.1.1.1.1.10 > CPS: > https://repository.swisssign.com/SwissSign-Platinum-CP-CPS.pdf > User Notice: > Explicit Text: regulated certificate > Policy: 0.4.0.194112.1.3 > > Authority Information Access: > CA Issuers - > URI:http://swisssign.net/cgi-bin/authority/download/1EC8046DFB72625160A273246FBEF25F4D3492FC > OCSP - > URI:http://platinum-g2.ocsp.swisssign.net/1EC8046DFB72625160A273246FBEF25F4D3492FC > > qcStatements: > 0c0......F..0B.....F..08.2https://repository.swisssign.com/SwissSign-PDS.pdf..en0......F..0......F... > Signature Algorithm: sha256WithRSAEncryption > 10:08:b0:64:2d:63:90:e2:07:4e:ed:d1:87:62:0a:43:88:c8: > 87:b9:85:91:ae:ba:8b:f7:f6:33:d3:cd:a0:63:37:28:28:4f: > c0:ec:15:06:a7:e4:86:1f:03:28:ad:e5:32:68:14:e2:ee:6e: > 62:97:fc:95:7a:ac:fe:b1:a4:24:d1:99:89:2e:cd:ee:ca:c3: > 76:c9:38:8e:3b:16:bd:6f:89:5e:4a:94:d5:ea:f1:73:46:15: > 41:45:a4:8a:0b:8a:14:22:35:36:8c:fa:70:bb:19:73:6e:39: > 93:5d:0d:5c:43:60:8e:0e:38:ed:ac:96:74:0a:b9:51:bc:23: > 51:80:4d:cf:e2:64:02:80:af:dd:ef:40:b9:ba:36:0e:aa:3d: > 88:d9:29:20:56:68:39:a8:74:46:79:81:df:d0:c8:fb:4b:76: > 2b:c4:41:42:e8:c6:16:f7:94:7f:30:de:ba:22:d9:67:94:a7: > c2:01:4f:1f:31:2b:52:16:f3:ae:c4:b6:a4:f8:87:df:7f:92: > 73:e1:89:07:05:9b:8d:e9:c1:21:8a:b6:87:59:04:12:fb:b0: > f3:1a:95:0e:29:5d:95:af:a2:82:54:cb:9f:77:d7:90:00:42: > 06:53:88:d4:9f:26:b0:43:e9:b0:c1:9a:24:17:69:fc:87:66: > e3:67:01:bf > -----BEGIN CERTIFICATE----- > MIIG9zCCBd+gAwIBAgIQYV2k64ProKO+l1nJVpso6TANBgkqhkiG9w0BAQsFADB5 > MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMTMwMQYDVQQDEypT > d2lzc1NpZ24gQ0ggUGVyc29uIFBsYXRpbnVtIENBIDIwMTcgLSBHMjIxHjAcBgNV > BGETFU5UUkNILUNIRS0xMDkuMzU3LjAxMjAeFw0yMDAzMzAxMzI4NThaFw0yMTAz > MzAxMzI4NThaMIGlMQswCQYDVQQGEwJDSDENMAsGA1UEBxMEQmVybjELMAkGA1UE > CBMCQkUxHjAcBgNVBGETFU5UUkNILUNIRS0xOTYuMzgwLjExMjEsMCoGA1UEChMj > TG90dGVyaWUtIHVuZCBXZXR0a29tbWlzc2lvbiBDb21sb3QxLDAqBgNVBAMTI0xv > dHRlcmllLSB1bmQgV2V0dGtvbW1pc3Npb24gQ29tbG90MIIBIjANBgkqhkiG9w0B > AQEFAAOCAQ8AMIIBCgKCAQEAjSx/SMIHMLn6KSYdKYOCQe9zLo7c3iikawuTDRm2 > 7tLFY5U/0O2n84Bw4wdIbvPnWtH9gNUuTm094duORC9PpyFYHclZQJuXhUy2WvbM > GnGh71lZZfJsviV0FTcpQLFsbTtDgoXuW+gBhpIypfipuouFbhRuyswzNf9+t/sc > xtzDxPgxe3PIkYZZB0t1HxBoUGGTGVusPUPESQrqFxvqDvXBf9XbwFjFYRndBbe1 > NSeF6uxwbsWm1cHKW4U+QggU8AGqtUeT7e3rIDXb2NhY2mvcPRTu4ZHIhRLVWZz8 > TwQO9aTVwKvsV2vB2Y8da9y/Wg5YoEwBDxMxwAvdrKorbwIDAQABo4IDTDCCA0gw > DgYDVR0PAQH/BAQDAgeAMAwGA1UdEwQFMAMBAQAwHQYDVR0OBBYEFBsroJEsbyuS > SeyWBL0cjTY1RU12MB8GA1UdIwQYMBaAFB7IBG37cmJRYKJzJG++8l9NNJL8MIIB > BAYDVR0fBIH8MIH5MEegRaBDhkFodHRwOi8vY3JsLnN3aXNzc2lnbi5uZXQvMUVD > ODA0NkRGQjcyNjI1MTYwQTI3MzI0NkZCRUYyNUY0RDM0OTJGQzCBraCBqqCBp4aB > pGxkYXA6Ly9kaXJlY3Rvcnkuc3dpc3NzaWduLmNvbS9DTj0xRUM4MDQ2REZCNzI2 > MjUxNjBBMjczMjQ2RkJFRjI1RjREMzQ5MkZDJTJDTz1Td2lzc1NpZ24lMjBBRyUy > Q0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNz > PWNSTERpc3RyaWJ1dGlvblBvaW50MIGXBgNVHSAEgY8wgYwwfwYKYIV0AVkBAQEB > CjBxMEoGCCsGAQUFBwIBFj5odHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNv > bS9Td2lzc1NpZ24tUGxhdGludW0tQ1AtQ1BTLnBkZjAjBggrBgEFBQcCAjAXDBVy > ZWd1bGF0ZWQgY2VydGlmaWNhdGUwCQYHBACL7EABAzCB0gYIKwYBBQUHAQEEgcUw > gcIwZAYIKwYBBQUHMAKGWGh0dHA6Ly9zd2lzc3NpZ24ubmV0L2NnaS1iaW4vYXV0 > aG9yaXR5L2Rvd25sb2FkLzFFQzgwNDZERkI3MjYyNTE2MEEyNzMyNDZGQkVGMjVG > NEQzNDkyRkMwWgYIKwYBBQUHMAGGTmh0dHA6Ly9wbGF0aW51bS1nMi5vY3NwLnN3 > aXNzc2lnbi5uZXQvMUVDODA0NkRGQjcyNjI1MTYwQTI3MzI0NkZCRUYyNUY0RDM0 > OTJGQzBxBggrBgEFBQcBAwRlMGMwCAYGBACORgEEMEIGBgQAjkYBBTA4FjJodHRw > czovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ24tUERTLnBkZhMC > ZW4wEwYGBACORgEGMAkGBwQAjkYBBgIwDQYJKoZIhvcNAQELBQADggEBABAIsGQt > Y5DiB07t0YdiCkOIyIe5hZGuuov39jPTzaBjNygoT8DsFQan5IYfAyit5TJoFOLu > bmKX/JV6rP6xpCTRmYkuze7Kw3bJOI47Fr1viV5KlNXq8XNGFUFFpIoLihQiNTaM > +nC7GXNuOZNdDVxDYI4OOO2slnQKuVG8I1GATc/iZAKAr93vQLm6Ng6qPYjZKSBW > aDmodEZ5gd/QyPtLdivEQULoxhb3lH8w3roi2WeUp8IBTx8xK1IW867EtqT4h99/ > knPhiQcFm43pwSGKtodZBBL7sPMalQ4pXZWvooJUy59315AAQgZTiNSfJrBD6bDB > miQXafyHZuNnAb8= > -----END CERTIFICATE----- > <blacklist.comlot.ch.pub> _______________________________________________ swinog mailing list [email protected] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
