$ gpg2 --verify dist.zip.sig
gpg: assuming signed data in 'dist.zip'
gpg: Signature made Sat 22 Jul 2023 07:30:53 PM CEST
gpg: using RSA key 868184069239FF65DE0BCD7DD9BAE35991DE5B22
gpg: Good signature from "Szczepan Zalega <[email protected]>" [ultimate]
gpg: aka "Szczepan Zalega (Nitrokey) <[email protected]>" [ultimate]