diff --git a/autospec/config.py b/autospec/config.py
index a839e1c1..1674f1d7 100644
--- a/autospec/config.py
+++ b/autospec/config.py
@@ -121,6 +121,7 @@ def __init__(self, download_path):
         self.failed_commands = {}
         self.ignored_commands = {}
         self.gems = {}
+        self.keyid_blocklist = {}
         self.license_hashes = {}
         self.license_translations = {}
         self.license_blacklist = {}
@@ -603,6 +604,7 @@ def setup_patterns(self, path=None):
         read_pattern_conf("license_blacklist", self.license_blacklist, list_format=True, path=path)
         read_pattern_conf("qt_modules", self.qt_modules, path=path)
         read_pattern_conf("cmake_modules", self.cmake_modules, path=path)
+        read_pattern_conf("keyid_blocklist", self.keyid_blocklist, list_format=True, path=path)
 
     def parse_existing_spec(self, name):
         """Determine the old version, old patch list, old keyid, and cves from old spec file."""
diff --git a/autospec/keyid_blocklist b/autospec/keyid_blocklist
new file mode 100644
index 00000000..8210d768
--- /dev/null
+++ b/autospec/keyid_blocklist
@@ -0,0 +1 @@
+59FCF207FEA7F445
diff --git a/autospec/pkg_integrity.py b/autospec/pkg_integrity.py
index ed308ea0..a12bfe2c 100644
--- a/autospec/pkg_integrity.py
+++ b/autospec/pkg_integrity.py
@@ -483,6 +483,10 @@ def verify(self, recursion=False):
             return None
         # valid signature exists at package_sign_path, operate on it now
         keyid = get_keyid(self.package_sign_path)
+        if keyid in self.config.keyid_blocklist:
+            self.print_result(False, err_msg='KEYID IN BLOCKLIST: {}'.format(keyid))
+            self.quit()
+
         # default location first
         pubkey_loc = self.pubkey_path.format(keyid)
         cache_key = os.path.join(KEY_CACHE_DIR, pubkey_loc)
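Review bot: The new `self.keyid_blocklist = {}` in `__init__` is a dict that is later filled with `list_format=True` and only ever membership-tested, which mirrors `license_blacklist` and so is consistent, but nothing at the declaration says what the entries are or that a match rejects the package outright. A one-line comment at the attribute would help the next reader: `# OpenPGP key IDs whose signatures are rejected by pkg_integrity.verify (loaded from the keyid_blocklist pattern file)`. Whether read_pattern_conf normalizes case or whitespace of the loaded entries is not visible here; if it does not, the comment should also state the expected form (the shipped entry is a 16-hex-digit uppercase long key ID). `__init__` and `setup_patterns` both extend beyond their hunks.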
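Review bot: The blocklist test `if keyid in self.config.keyid_blocklist:` in `verify` is an exact string match, so it silently misses if `get_keyid` returns lowercase hex or a key ID of a different length than the uppercase 16-digit entries in the new pattern file; I would normalize before comparing, e.g. `if keyid.upper() in {k.upper() for k in self.config.keyid_blocklist}:`, and document the expected format next to the check. The branch also relies on `self.quit()` not returning; if it can return (or is stubbed in tests), control falls through to the key fetch and verification below, so the defensive form used elsewhere in this function, `self.quit()` followed by `return None`, would be safer. `verify` starts before and continues after the hunk, so I cannot confirm what `quit` does from here.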