-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-mibew-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-mibew-14.1-jessie-amd64-vmdk.zip
      a7c96b2c0a7fb603efb63075b952be49

    $ sha1sum turnkey-mibew-14.1-jessie-amd64-vmdk.zip
      b5fe03b95aefadbe758c85a8068f48a95f2701b5

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJn1AAoJEIXCXpWhbrlNz7gIAKFzb03104Qi0u7+v4EWkEOu
jE39uXgHynLI6QDQy8RC5YziMwPD1fr2NCZk12+LJoX7kpKNwuTTBXNUs1DVX2Ni
O+cZwqoEPAw2KfFtdqXc4vvGDICfsuHNhmvP7ov/cAKo5t6F4Tkg5EXg0RnV1AUv
rVzRewO8P+kjiWqLEsijnxCnp7BqxhJu8fF7wh718QW2OpmFIKe1dAlV3fxGIdMF
jkw+UkF2GABnoV1MBX111wXf4Wnark8aw4TXJU8uTRkG4dNeChpJilNcDvQsB4Q2
ZChL8WcLwdUhTnyH9Q8cEOTfC+2fCpxWPOkZ5Z11CYoVw2YbMF7QXWnqQOc/hUc=
=7CJ9
-----END PGP SIGNATURE-----