-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-roundup_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-roundup_17.1-1_amd64.tar.gz
      43ae222f76827b14f5d39586d65d752a296066677857994e54c3cc08674f3f22  debian-11-turnkey-roundup_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-roundup_17.1-1_amd64.tar.gz
      007051b86f5be91d34099a7e9880932fc7e0c48de7edf3882b64187c61a2d835902aa46d4e030007fe9117ea5c5b00b9cad31a72a506d868a6bbfda76b58cedf  debian-11-turnkey-roundup_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-roundup_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-roundup_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-roundup_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-roundup_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTgACgkQHkh6RjHW
/rZqzg/6Am3xKQQAxVjJ3ktBBrfSc+VTk0/ZWjrSP3HMK1Z/D7cMq54E0ph+MTKB
BjyO8oGoBNZsmhacEhk9G129+fk80mO/MQ0Y1I/lVFwFSlyfSzentZP+/fpBsJLT
Z8XRc3gl2Woadu7Bz3hYzocepFrSqldCRXLZ1AedIz+b0Iyv+1Cj+537MutqctYK
eDYmUsu33D3mmRfCNQy7iW4hJb0x1LlDxShX7or1K1OwqrRzj1GPUAPEKZeSIv5a
0EQYI0rcFcW5mnmYMLMXRDR7H/IA6mOUeAQTLU1THcC+w83Lm9Xr2JAcj3OWwxYp
lnJonvk9b5P0imYELpBfqVVePEdk4OWqJTWdAU9EYOU6rNOSvM+ndjRSDPUVfT51
IcUjV8fsU+ymHqIzHiiwgdJMDUr4e88VpbbBQCcTF7Vd4I3wHFEGuXv1sTTlmPZG
mFcIWYA9iJxEc0Z56LM9nKpp3AqHqZsfFB7KXNI4g/bkEjpRjC0rOkEcoVhcGjYv
smcybYGoZnJH3fba44sjhSr+c5+0WN4dOH8tEGmuGSeX4uxlmxjz0CQ/u/OzjeTZ
2FwjoQd1aGFKOBTYvH6NwodzI71i4u8UpadJROqbS3AvzLp71H/rJP5rZLd+CvDd
0tdDiieHdzsJwvgZ06zVP8t68UqNrgjJXxU++50KfShvoFTL+og=
=vUqZ
-----END PGP SIGNATURE-----