-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

For nm.debian.org, at 2022-11-20
For the past 2 years, I have worked with Vasyl Gello on kodi packaging.

For this past work, Vasyl Gello sent mails using the email address
vasek.gello@gmail.com which is the one they're using on nm.debian.org,
and they signed their work (I'm talking git commits as well as signed
tarballs) using a GPG key with fingerprint
    11C6 2C63 4CC6 1C07 74A7  EE12 2C51 41A1 5285 EC0A.

He also has done that very consistently, though I haven't seen many
gpg-signed mails, all his git commits and tags have been signed.

I've made sure that they are able to decrypt encrypted messages sent to this key
and that they're able to sign messages with the same key.

Due to the long-term interactions we had, I'm convinced that Vasyl Gello as they
present themselves on nm.debian.org is the rightful owner of both email
vasek.gello@gmail.com and GPG key 11C6 2C63 4CC6 1C07 74A7  EE12 2C51 41A1 5285 EC0A.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAmN6a+QACgkQCBa54Yx2
K60dIw//ePfbmlKbBx59zZ1LxFNkZ8KMya5jSx40JHNQlFXvi+pX92mDHkpnKS7s
BbYbQewGYwsEHcIUY6OLgXdblZlZ6qptGxqYakc9lo/IuWynb47PtlaYubvb5W6n
CjHdqIsQRJzNXpUFvJfa+zcM189qL8LSZhZRUwLnf74cNObzbyeCGBhj4qF2AtXC
RQ+a41ffQBt/USgUFFodB9G3SGYwL7nj1xQypKTgNqIRR7xxNVfD/IQw1h0RTqZk
wOCmyM5ohgaB53yR+N0WyXZXmWcIExr5yP0S94tGhtDg7+gjfuopkvfmpfEjc4fL
bvw+1sPxc4qkD8SaB1r3XIBeByGVhTV9B1u5jtT0+tOVujhkj08tplWd5DrP9NKu
HVrDPJeNrQwfXu5hIf0PCz5Rok+JviVoFJLAXdyPoDiisMn79YggvHeq4oM2Ndme
6Lk5z/HWBAirhJ/X4DphIXLBxxl5fU73q0Jecl+yLXujDQRF9Nyvw0MqOnQHAA7o
V0VtbrKykM+SUdIJYaj6K02Yyl4vWQGoFfpdW+pdgtVbDVgwMjuFg9+nSkbfgssj
9qR1lrO9JPILu9oIuRpJ+JfC+crVHXVR0dcaUe9rdl4eb5pqt6qOppPOEfAsKJ8Z
b/GxMFQFm5U5XyTmtY9HcDS5mrgNqz5OJqecikS0sQL9m/PaJjM=
=JF84
-----END PGP SIGNATURE-----