-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-silverstripe_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-silverstripe_17.1-1_amd64.tar.gz
      7044f7f52dee211f4c520aba2d93404e6f5fb0b74d2e8bfbafd03d5149e2b0e2  debian-11-turnkey-silverstripe_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-silverstripe_17.1-1_amd64.tar.gz
      89ae25395569ba93fb4cf7b862ce1d28deeadc4de2bc2c16ca93b89b1f05106298d472d33feeaf7caeb270c299971b4dd8b1ff4fce0b47d648a874e28d7b26af  debian-11-turnkey-silverstripe_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-silverstripe_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-silverstripe_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-silverstripe_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-silverstripe_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTgACgkQHkh6RjHW
/rb/rA/+KCODYZGiRnMynOP8QC2c7/sHi1XasMpWcxkvElN08yzsNkWfRJF0K/IK
04kkUNl1bSOis2hEfqQbWVvGb4aimI1sFTdjUvhU6qVg+vKgeCYlma5TaIqLqJ9n
5Ri9H9fYWVMnVk24QSeJYDPkgjTtIfXvNA/oVdYEIzyuJYU5jqRqmhxXwJ665k86
TlCoQX51oK/RnswsuNeDgBF09v2pNHaf0kz+d5MzUH87FNUJjKz7fKIy1ux9CZck
o5zMvTKRBKLyD1OkxwMQ/OgjNrauIl7FuULjR+jPINhzPNCOmemvPJDaw3eQfgzY
C5kFm0IgUzc54lPgbpMUCaoEiVPHLaF+JoCUUAdy2BSDit04zwoXU8Hnon8FhHL3
Q8avVdvMkZGA0R4KomxHO12FBWA7Pm9uJtS3p59gTlA0ogMimbGuuqGhUguOIU8x
Xfz753f8taQ25dBKyxZu/68Pfc+ZKgtsPx5I4kWilh1gmTa98sd8zh+70Ep9t9q8
ELpZZCrtACsArc39FaFn7i8KJNu1ML3F3LW8cH60Gba/RrDmfc21OXL0s7lqZWs8
xhibckOmJTzSHAlbzTCikKa7KlfNSduLtFu8v9+ehXiDRH68CvfJvkD+D2UrOU/t
6A5umD/LcfKXXBYKt6257Knksg3m9K047pRRPoUbd6pQ0XIePZo=
=Vk80
-----END PGP SIGNATURE-----