SHA256 checksum of FDroid.apk

after doing a few more searches on this, i found out, that it is possible to let gpg import the key from a public key server. wikipedia lists a few of these.
i don’t exactly recall how i managed this, but it involved searching for the key, importing it and verifying its signatures of the imported key.

hth