-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-piwik-14.0-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-piwik-14.0-jessie-amd64-vmdk.zip
      b7bc299b1b375006eb815bf2134101a9

    $ sha1sum turnkey-piwik-14.0-jessie-amd64-vmdk.zip
      70884cc74a87f541b511e4a5f989fb975e6199db

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdYAAoJEIXCXpWhbrlNF7EIAOqxi4WxUHe78BTHWpm752a0
cxi0ikGDfGwtXpyVqyM3v4B1gMfr6WYPFu7VXKK0Kgyy7ZRvy9VYhsSQnQJ6Kddl
CfSJEo/tWJWyZlOzvUyOwn4x08HEybcw7OKr/hj94P23i727jEamLhuQlMaDeBi3
NFtnC1+e6PStNLnnSAhCSAUDoZBpetDoz5qg+eL7EygLI9LZBspH35VJp+vcM9xB
p9uYYWSrsVOcBPxdWs+LlO+CVRrVQ5bhmK7NpvVJXNwhyND/6LXr4CHt23qWD5yw
eJk19wYN/Ng4AubvTjxvECtEc8bWdA69t3j4JJ7r2fHowqSSdtrLbOCyvE/WNfY=
=tBmM
-----END PGP SIGNATURE-----