Verify checksums

Before you import the booking batch, you should confirm that the handoff pack reached you unaltered. This takes less than a minute and needs no extra software — your operating system has everything you need.

What the check proves

The manifest.sha256 file contains a so-called hash for each of the five other files — a 64-character fingerprint. If even a single byte of a file changes, the fingerprint changes completely.

The check compares each file’s fingerprint with the value in the manifest. If they all match, it is proven: the pack has not changed since the firm created it — not in transit, not by accident, not by a third party.

Where to run it

Put all six files in the same folder and run the command in that folder. The paths in the manifest are relative — the files must sit next to manifest.sha256.

macOS and Linux

Open the terminal, change into the folder with the files, and run:

sha256sum -c manifest.sha256

On macOS sha256sum is not always preinstalled. If the command is missing, use instead:

shasum -a 256 -c manifest.sha256

Windows (PowerShell)

Open PowerShell, change into the folder, and check each file against the manifest:

Get-FileHash DATEV-EXTF.csv -Algorithm SHA256 | Format-List

The Hash shown must match the corresponding line in manifest.sha256 (open the file in a text editor). Repeat for each of the five files.

What a successful result looks like

UStVA-preview.xml: OK
BWA.pdf: OK
ZM-EU-recap.csv: OK
DATEV-EXTF.csv: OK
audit-log.jsonl: OK

Every line ends in OK — the pack is unaltered. You can start the import with confidence.

What a failure looks like

DATEV-EXTF.csv: FAILED
sha256sum: WARNING: 1 computed checksum did NOT match

Do not import on FAILED

If even one file fails, do not import. Possible causes: the file was corrupted during download, the pack is incomplete, or it was altered after creation. Request the pack again from the firm and verify it once more.

Next step

Once all checksums match, import the booking batch:

DATEV import guide