-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bookworm-images@turnkeylinux.org
      pub   rsa4096 2023-05-22 [SC] [expires: 2043-05-17]
            2614 7592 087C 0EDE 4214  3B63 7761 DEBA BBCF BA7C
      uid           [ unknown] TurnKey GNU/Linux Bookworm Images (GPG signing key for TurnKey Linux Bookworm Images) <release-bookworm-images@turnkeylinux.org>
      sub   rsa4096 2023-05-22 [S] [expires: 2043-05-17]
      
    $ gpg --verify debian-12-turnkey-django_18.0-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID 26147592087C0EDE42143B637761DEBABBCFBA7C
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-12-turnkey-django_18.0-1_amd64.tar.gz
      6a6220a29272fe2fb2f87a779a7baaac9ced144458463d83428b49ee9ece15fc  debian-12-turnkey-django_18.0-1_amd64.tar.gz

    $ sha512sum debian-12-turnkey-django_18.0-1_amd64.tar.gz
      d5d4e5b6ea8f0b77eb840b7b801196ef2134499e9799aa5e5d942d83aa16b8655980ded2498aa5cdec0d38b39197203e1343f040dd15eb791684d64513e0593f  debian-12-turnkey-django_18.0-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-12-turnkey-django_18.0-1_amd64.tar.gz.hash
      debian-12-turnkey-django_18.0-1_amd64.tar.gz: OK

    $ sha512sum -c debian-12-turnkey-django_18.0-1_amd64.tar.gz.hash
      debian-12-turnkey-django_18.0-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0achB3UVKiMsY4ckkPLGHN5q3jcFAmXIsWIACgkQkPLGHN5q
3jf9fA//YTpvP0hn6UEgCwB0wLymcUPZf1xAk03jCP/EKvho8cQULpLPtFT9nYoE
XnHxX5ZVahXLRStEMFPnuJG+al8G1jEWAgaVn8gD4v2Stlxo75Ld9kLIHRt+veNt
z6MGXAs5Edt5F10PU1J3yPZPx23b9Sxsl6tZs4rQRW1gg6C3BrdcJoUBTgCBs9S3
naf3s5sa+rswwib27KjMCVaWrmmwNZfttv8kW7uzVr+Y67H0QMPs70CfpdVYzc22
cLkkykk8zo3F12KY2jaSn/pvyURtM/01JMCEM2XYYG90DCnPH+p1UJAOIjpHsaLK
vYvmApw/V3fg7vJrakVIsHfjhDpBLJ1o2RbZASlAK7LFcU2uczxwJy/na/LRfSw3
6A4lkQqoKBey+EqMhcsU1LX8eBZIxAAKVrIzgKG5oxd597VIE+8JINBxkpPwAMr4
ph+5mxN9NQlmlLyIYpxIzZ2KDQaFoe+fROHbCzAz824frpY4XLkf7oh3HAhH6YHp
jX+Mc351lHbIC2wWbjBvCu2XLMY48ho+KCjRgpjfCzp+XSc4GZ4UfhqAXPuwwjco
I03XJw04B9wWADHANx2ZsQAL7vYH9yRMMrGFqdNK2pr2cxh/CRjfItxmlFnPK34r
p1Novw+ie+3jWRCrhoPVq8Y6x9APIMX+CigFTm05l6Yo8/tUHrs=
=mJhQ
-----END PGP SIGNATURE-----