scripts/keys: update roasbeef keys with new expiry

[Roasbeef]

My key recently expired, in this commit, we update the keys to the new refreshed version. These are the same keys, but with an expiry further out.

Here's a clear sign of the latest Bitcoin block hash:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

000000000000000000013215ef7c32bc0427f388fc83623affe712f388
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQQpYhJoGq3wVlaize6QUl997uCthgUCaPi6xwAKCRCQUl997uCt
hpqNAQC5VnnbO6h/PjywGhU4LLRvH8SdgdDEMSc7xrtWd1vgPgD+IDrHqiAb+h38
ORBnUVJCVuZrPebtdnYXVQhII91eaw4=
=WRbl
-----END PGP SIGNATURE-----

[gemini-code-assist]

Summary of Changes

Hello @Roasbeef, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on maintaining the integrity and usability of cryptographic assets by updating an expired PGP public key. The change ensures that the key associated with 'roasbeef' remains valid for verification purposes, preventing disruptions due to key expiration by extending its validity period.

Highlights

• PGP Key Update: The PGP public key for user 'roasbeef' has been updated in the scripts/keys directory.
• Key Expiration: This update addresses the recent expiration of the previous key.
• Extended Expiry: The updated key is functionally the same but includes a new, extended expiry date to ensure continued validity.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

The pull request updates the PGP key for roasbeef with a new expiry date. I have reviewed the changes and identified one critical issue related to the validity of the updated key. Specifically, the script scripts/check-pgp-expiry.sh checks for key expiry, and if the key is invalid, it will cause issues.

[gemini-code-assist]

The updated key should be checked to ensure it is valid and hasn't expired. The scripts/check-pgp-expiry.sh script should be run to validate the key.

[bhandras]

Soft verified that the provided PGP signed message indeed matches the new pubkey:

❯ gpg --import roasbeef.asc                           15:49:14
gpg: key DC42612E89237182: public key "Olaoluwa Osuntokun <laolu32@gmail.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
~
❯ gpg --verify msg.asc                                15:50:17
gpg: Signature made Sze Okt 22 13:06:47 2025 CEST
gpg:                using EDDSA key 296212681AADF05656A2CDEE90525F7DEEE0AD86
gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: A5B6 1896 952D 9FDA 83BC  054C DC42 612E 8923 7182
     Subkey fingerprint: 2962 1268 1AAD F056 56A2  CDEE 9052 5F7D EEE0 AD86

LGTM 🎉