whonix 12.0.0.3.2 virtualbox BAD SIGNATURE

hello,
I downloaded the latest version of whonix (virtualbox) via HTTP (once) and torrent (twice), verified the signatures but I always get a BAD SIGNATURE.
It doesn’t seem I’m doing something wrong (did it previously).
Could you please double check?

I’m using a VPN to download and mac gpg

imported the pk then
gpg --verify Whonix-Workstation-12.0.0.3.2.sha512sums.asc Whonix-Workstation-12.0.0.3.2.ova
gpg: Signature made Lun 16 Nov 17:12:43 2015 CET using RSA key ID 77BB3C48
gpg: BAD signature from “Patrick Schleizer adrelanos@riseup.net

same thing with the gateway

thanks!

User error. Wrong verification command. Please read the verification
instructions.

Oh I see, I was using the sha512 signature instead of the OpenPGP signature

thanks