Upstream release 1.3.0 Excluded the debian/ directory > gpg --verify ../libfido2-1.3.0.tar.gz.sig > gpg: assuming signed data in '../libfido2-1.3.0.tar.gz' > gpg: Signature made Thu 28 Nov 2019 12:54:26 PM CET > gpg: using RSA key 67304B48053E5E5D0CDA520B6335A9E530B04D0C > gpg: please do a --check-trustdb > gpg: Good signature from "pedro martelletto <pedro@yubico.com>" [expired] > gpg: Note: This key has expired! > Primary key fingerprint: EE90 AE0D 1977 4C83 8662 8FAA B428 949E F791 4718 > Subkey fingerprint: 6730 4B48 053E 5E5D 0CDA 520B 6335 A9E5 30B0 4D0C