-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-orangehrm_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-orangehrm_17.1-1_amd64.tar.gz
      4a320ef355a1d1e25e1dfaa6fb3868de9380e979d01a19f22bf9b034b31f9a7d  debian-11-turnkey-orangehrm_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-orangehrm_17.1-1_amd64.tar.gz
      d25d61d40c75b1001a1dff9bba2af13ca5e5daa03459d875666bc9819ca71bee2a0f900eb2cb2f604e554160b2fd3981e6236588cc751b067a682b94aaa0c1b9  debian-11-turnkey-orangehrm_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-orangehrm_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-orangehrm_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-orangehrm_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-orangehrm_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTcACgkQHkh6RjHW
/rYOjw//Scr1WDbUtIYboix6AZFuAwxOnoZoe82JA5muv/oI/fC7gJBgTEzB+O9b
R1usA17u2Z93QCNK/ZGgQIVZ6xESOOF7VzzLcDk71IZ97+/mVT6/Q7uu22s3Lb7c
93rUBfZLMmPGU02C9nEga8IN/1BPToysfHjrX9ER4BOaro28ITz7Ok9X1YhlO+D5
p7E/BFGDBl00YrFTn/aidwOVT8oVQ7wgg/8iIO2nwRfp3w8vnnrKDulCkp0wO/3S
khifpUFQx76uc78LYEbSbdcw5kKRK3pBXQYLBdjt910UsyZn1NyNYYEiroBEODjD
Xgxf5ZutHMfbdS+G97LolTYf+/fU1VnIaNB6+tVcfW/u5g1ejsJfMu4fv4IXX5Nt
fWAB6E/Ygo2E7Esp/fyMW375XZ0b2Es23140SgE79WK03JBzhbpAohGlO3tzSoas
aogsZn7HEdtOIwktJa9mhfQHytTZyxHnC7s0bLBljfOqjsv4/9jCVEvPxtunQetq
Awu1nh3ew3rTPxU8+EuvV3lk3JpnrxSuS/OekPh2ijTBPhQvMJ9s25IBeENqueCy
JWzbfMWt+ntoyUd5GZTKW/xk4h60dwrm743+YIo/sblkkHWwZ1AoVupaTQbV4niC
MPComov2PyMxRKr8UZQV9HXKGUAbz8k7HXwqMDlX285z6PzbqkY=
=dtDn
-----END PGP SIGNATURE-----