-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-concrete-cms_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-concrete-cms_17.1-1_amd64.tar.gz
      3edfcea8266b82a2a7b1db85cfd01311586bbc907cb8baf353caa0ab630fe4ec  debian-11-turnkey-concrete-cms_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-concrete-cms_17.1-1_amd64.tar.gz
      fcfa89dbf6718982530e2e4bd9556a1e077011b594ec356ab765ddbad76cbb4339705869f80c554a6c2e576f73805b9055578808f381f699d3a86726fb859159  debian-11-turnkey-concrete-cms_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-concrete-cms_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-concrete-cms_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-concrete-cms_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-concrete-cms_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTEACgkQHkh6RjHW
/rbJ2Q/+Lxm65NpM4CE5vn0Fg3rdxPxrWIYAufKaIPiV6py0kVCpzHY/SOCO5Mg9
Ngzo3hjNpATQ6W9COw9rMeNNekU7dk5riulDeKkw5AnQWmGyDfv2VMvp5tdkCxDk
yU28qMLHhbh5+0X0+B2SMdfACUBMKf9OJyM9I61hUEz5hUAXns7wIw+WKTpIfXv9
FBISgFdl1Grn3A8bl3aBASczGICIg79gd+zCwyMX++i7Dy2HD4zt0zFCPRltlCnW
CkwO4+Jmh7p89s/cB8Y9yvlmARUEVNIbTdST1IDOWC8RTFCjKha+C+PG9u0bteLO
9klzrFAL8G9WK+LaFuVzv26lw0oALEkG66CbmdAxKCzd4NFXdd8JFleJjfx3LMtV
uBqgt1CLSjiHfgVVi4rZJmXmxz7mOQTd0ycQ33YcKlemzujdWkHKdpU8AoPZdmxr
1Gq1Yp16egetZS6R686MwPQP1GngeibBycESrcRfptZJHX0cF11MlQglf6Z5qE7Q
VYBCIF/DlVmpLNY9ObHYKJffypIxCXUn7O7Q3qXmS+mzIEXg34fvxWPH+l4Fuo0y
wnJCimzg6yjE+EhNv+xGAnI/sObeqYCUylzy8MkR3Iwvd3RMGgxDGKehScbL5PSg
nn4+dkaP6TPpo7bAup+z7QGEM0xOZ5VigG4PLv8C/Pyn19cA58g=
=PlEi
-----END PGP SIGNATURE-----