-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-mantis_14.0-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-mantis_14.0-1_amd64.ova
      6aa7b46f85210aa83162ad487ec75594

    $ sha1sum debian-8-turnkey-mantis_14.0-1_amd64.ova
      adc7a046d508c1eb1467719063ff6f7e4eca63f3

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWObxTAAoJEIXCXpWhbrlNpEIH/RvkHpEdqXf5VfA6lk8PmczV
ijHzeyT1kpeXtJVuKQD3t04ua6UiXCAuVf2t/+7sqDRBbAtHKLg+rz4Q5QJcKflo
h9AL8wwCNQ+2SR9LHg/6xBF2E4du2vmxKhX5qoa+ZHe19m92Wl+iYpm4LjvzaRb0
Ms/RjvWhPuu4lWdzA82jj02euYeaVVcE7e8/UNDSQXt1qr7G2U9nwnxZlcydbfbf
lB5SpUc6Ns8ZadT+MOOmOG6GZdrxo1p1P3Ci5pczT4KLVk5KFJNBH/oFWjKwu+/a
JNP37vnK/iQa8JfT7ZnC/ximr/DmT8lgaHVyo6a/ojeKbQO3FuE29FQnOrOPSoQ=
=hZ85
-----END PGP SIGNATURE-----