At present I don't think it's wise to release what essentially amounts to exploit code. For
keys that aren't in the blacklist about which you aren't sure, I recommend looking at the
timestamp information (RSA keys generated before 17 Sep 2006, when the bug was introduced,
aren't vulnerable), but otherwise regenerate the key in case of doubt.