-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-piwik_14.0-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-piwik_14.0-1_amd64.ova
      b122705c103db4032be9d9c0979e9604

    $ sha1sum debian-8-turnkey-piwik_14.0-1_amd64.ova
      32979da99381d27654aea72a68fbd60a1b1c1a80

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWObxVAAoJEIXCXpWhbrlNghkH/0knYrn1/RR2ZGaCAn7xvAU7
/A3bcQuwwG5rntGpf0JB/91LF8tuUmFAes1Js4vSh1FkxTuCDXRO99Oga9JntukR
hzOBYX9G1W7HUX99YZ37IEtTkWOAJgwJxAAV1NgUsuILYz0mmi2hk8AcEoIQixmk
RAqnapiglumj9nj95kJpYUQs9Itcal2IzefjA+JhOIAAmudp7e/qi8kgjh7EeCUA
ozBmy1W/ArgjmEETO9zbiYW3z8R+daHdi41MCq4tDNKdhlTQBLCNAav1GJjCdYph
n2K79ZHnMC0e/IuTlmHUD0FVSeQ2NeLNX1idccOFG0hTPrWrBW4Ol3652XFLfqA=
=ogge
-----END PGP SIGNATURE-----