@allanwmacdonald so the signature verification worked, I guess. The expired key is nothing bad, important is that it was valid when the signature was created.
I'm just wondering about the first output of retrieving the key: ``` $ gpg --recv-keys 01380DF54FD09D02 gpg: key 01380DF54FD09D02: new key but contains no user ID - skipped gpg: Total number processed: 1 gpg: w/o user IDs: 1 ```
@frlan was the key not uploaded?
Maybe we should update the instructions to import the key from the file on geany.org?