Below you can find source files to download. (s) right of package name is a gpg signature. You can download gpg file or armored asc file to verify files. You can also look for key on public keyservers, fingerprint is

    63D0 C3DB 42AF 3B4F CF6E 7880 E84A 7E61 C785 0C62

You can download key directly from keyserver with

    gpg --recv-keys 63D0C3DB42AF3B4FCF6E7880E84A7E61C7850C62

Then you can verify downloaded image with command

    gpg --verify <sig-file> <package-file>

All files (including md5, sha256 and sha512 for all files) can also be downloaded from:


git clone
git clone git://
git clone

tarballs (source code)

0.1.0     tar.gz(s|sha1)  tar.bz2(s|sha1)  tar.xz(s|sha1)