Comment # 1 on bug 1222852 from andreas bittner

today yet another different repo problem:

sudo zypper -vvvv ref

.....
 Key Expires:      Fri 19 Jun 2026 04:03:14 PM CEST
  Rpm Name:         gpg-pubkey-29b700a4-62b07e22
Signature verification failed for file 'repomd.xml' from repository 'update'.

    Note: Signing data enables the recipient to verify that no modifications
occurred after the data
    were signed. Accepting data with no, wrong or unknown signature can lead to
a corrupted system
    and in extreme cases even to a system compromise.

    Note: File 'repomd.xml' is the repositories master index file. It ensures
the integrity of the
    whole repo.

    Warning: This file was modified after it has been signed. This may have
been a malicious change,
    so it might not be trustworthy anymore! You should not continue unless you
know it's safe.

    Note: This might be a transient issue if the server is in the midst of
receiving new data. The
    data file and its signature are two files which must fit together. In case
the request hit the
    server in the midst of updating them, the signature verification might
fail. After a few
    minutes, when the server has updated its data, it should work again.

Signature verification failed for file 'repomd.xml' from repository 'update'.
Continue? [yes/no] (no): no
Retrieving repository 'update' metadata
..................................................................................................................................[error]
Repository 'update' is invalid.
[update|http://cdn.opensuse.org/update/slowroll/repo/oss/] Valid metadata not
found at specified URL
History:
 - Signature verification failed for repomd.xml

Please check if the URIs defined for this repository are pointing to a valid
repository.
Skipping repository 'update' because of the above error.
Some of the repositories have not been refreshed because of an error.