-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-xoops_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-xoops_17.1-1_amd64.tar.gz
      52f0e5ede971225c195c3761ec0936e8b389f4531a8dba3debc9508f32ee3c81  debian-11-turnkey-xoops_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-xoops_17.1-1_amd64.tar.gz
      d46f1c2dd193d78f23109c65f64885f022eabb1b561a0290bdce0ac26e712d5bee67b4eb76676f38717c6f8ac43bb62b65ea9f29aca70c5535b9630cade5b05d  debian-11-turnkey-xoops_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-xoops_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-xoops_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-xoops_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-xoops_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTkACgkQHkh6RjHW
/rbVPg//S2AjYXMTZZ69fMU2vQGPWzpSCm7Xoyk51XPQtfimR2UKfu+hPJzbCgW7
xhyJ8a1GwMQIAKVxDaq1j8WZ0GbkdTH83DwBQzNB/mPWJ7ehm3r4aubiaSDB7Cxi
Lmo/NXonCrPwbLY1eswN0lcFFj42ZPrYYCu273hIbxYsQUi4oEwTRAqNVqK8y4FY
0L4wFERe6MOda0Zq2fGRxK0VdPG6MP8Y2pZcwjs62qN0QIXZlLEYWjbLp8a/0+53
sQXl0FBDSH4OeUsbeZByUrza4tiJPir0qBkMo7TQ6CbNRohCTOvg3mpN19/huii2
hb2OsIYxi8dMrFBnhVuoR2jesDgjm8GIzDXEMQ6AtawmY5M4HSDfvQwUtA3kfVcn
DrLLkWrUsLgb000C7iAGDAGxfelYigbWIW3cJ0HqzxrSooi9RmBJOX29h0GKwZx4
K0e0sqeY8FUmB8pO+mhC42MxRk6DFPvrZZ7oXB4J6535tKlFm7DRTc2PlfYlkAOB
NvURzKCzdr0gkYqlHYEV2++kq1YJd352/08siplAAtbPDVLnNm1YgUDisRT3k++9
l1JSQSvbqj5rG7jgL1/dsvXYEULNfidWnA/1Oj0YfGtRyWXazjRxmKzd+xwru43x
MUDOpBdKyqDWjhPFVzOLd1nj6/Pk0VbbLyQdUbTYt8mZkcJdjOQ=
=gWzx
-----END PGP SIGNATURE-----