Get key signature/fingerprint for GPG Public Key

Question

How can I get the key signature from a GPG Public Key? For example, I need a signature for Spotify's public key here: https://download.spotify.com/debian/pubkey.gpg

Something like this, but for GPG Keys.

This is as far as I've got:

$ gpg pubkey.gpg 
pub  4096R/130D1D45 2019-07-15 Spotify Public Repository Signing Key <tux@spotify.com>

score 4 · Accepted Answer · answered Oct 16 '19 at 18:41

4

Download the key, import it, extract the email and run gpg --fingerprint.

cd ~ 
curl -O https://download.spotify.com/debian/pubkey.gpg
gpg --import ~/pubkey.gpg
gpg --fingerprint tux@spotify.com
# 2EBF 997C 15BD A244 B6EB  F5D8 4773 BD5E 130D 1D45

answered Oct 16 '19 at 18:41

sunknudsen

6,356
3
39
76

Sadly, the fingerprint must be extracted from the longer output of `gpg --fingerprint tux@spotify.com`. If you don't know how a fingerprint looks, this is not good UX. [not your fault - thanks for the hint!] – Alex Jan 06 '22 at 07:19

Get key signature/fingerprint for GPG Public Key

1 Answers1