How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?

Martin T m4rtntns at
Fri Aug 2 00:58:06 CEST 2013


RIPE(RIR in European region) database allows one to upload ASCII armored
PGP public keys:
software is able to generate some "key-cert" object attributes
automatically. For example "method", "owner" and "fingerpr":

noc at T42 ~ $ whois -h -t key-cert | grep gene
method:         [generated]  [single]     [ ]
owner:          [generated]  [multiple]   [ ]
fingerpr:       [generated]  [single]     [inverse key]
noc at T42 ~ $

Example "key-cert" object provided by RIPE:

key-cert: PGPKEY-4B8AE00D
method:   PGP
owner:    Joe User <joe at>
fingerpr: 9D 82 4B B8 38 56 AE 12  BD 88 73 F7 EF D3 7A 92
certif:   Version: 2.6.3ia
certif:   mQA9AzZizeQAAAEBgJsq2YfoInVOWlLxalmR14GlUzEd0WgrUH9iXjZ
certif:   a/uqWiLnvN59S4rgDQAFEbQeSm9lIFRoZSBVc2VyIDxqb2VAZXhhbXB
certif:   iQBFAwUQNmLN5ee83n1LiuANAQFOFQGAmowlUYtF+xnWBdMNDKBiOSy
certif:   YvpKr05Aycn8Rb55E1onZL5KhNMYU/gd
certif:   =nfno
certif:   ---END PGP PUBLIC KEY BLOCK---
mnt-by:   EXAMPLE-MNT
changed:  joe at 19981117
source:   TEST

How are those fields automatically detected/generated? "Owner"(UID in gpg
terminology) is written to public key- one can verify this with analyzing
the public key with hex editor. However:

1) is "method" also built into public key? At least "hexdump -C pubring.gpg
| grep -i pgp" does not indicate this.. Or has "PGP" some sort of special
fingerprint which is understood by server-side software? Last but not
least, are there any other types besides "PGP"? I guess it is as pgpdump is
even able to dump the timestamp when the key itself was generated.

2) is fingerprint automatically hashed based on the UID?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20130801/2c5b74a8/attachment.html>

More information about the Gnupg-users mailing list