-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bookworm-images@turnkeylinux.org
      pub   rsa4096 2023-05-22 [SC] [expires: 2043-05-17]
            2614 7592 087C 0EDE 4214  3B63 7761 DEBA BBCF BA7C
      uid           [ unknown] TurnKey GNU/Linux Bookworm Images (GPG signing key for TurnKey Linux Bookworm Images) <release-bookworm-images@turnkeylinux.org>
      sub   rsa4096 2023-05-22 [S] [expires: 2043-05-17]
      
    $ gpg --verify debian-12-turnkey-cakephp_18.0-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID 26147592087C0EDE42143B637761DEBABBCFBA7C
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-12-turnkey-cakephp_18.0-1_amd64.tar.gz
      b8b9c1681b5776efa7a6e014397bcbbad869126e5a2a38eb44f076bf6ba3a746  debian-12-turnkey-cakephp_18.0-1_amd64.tar.gz

    $ sha512sum debian-12-turnkey-cakephp_18.0-1_amd64.tar.gz
      dec48e5f86d0cdd515cc8390625792108ed828f9fd8dbf3325d16f6e598b16e92564291dd420aa9ccc9d1b632e1566f88bb8bea09a0d58e4d3425b341ef5e31e  debian-12-turnkey-cakephp_18.0-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-12-turnkey-cakephp_18.0-1_amd64.tar.gz.hash
      debian-12-turnkey-cakephp_18.0-1_amd64.tar.gz: OK

    $ sha512sum -c debian-12-turnkey-cakephp_18.0-1_amd64.tar.gz.hash
      debian-12-turnkey-cakephp_18.0-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0achB3UVKiMsY4ckkPLGHN5q3jcFAmXIsV4ACgkQkPLGHN5q
3jezdQ//fMrxPe4yL5EBDJN3Pfv/tJjChBcaUcY9cfe/q0cVi+ZAGL1FqaqtAfFb
vVUc0EezVX48i3ODiw8MCjHJwFZF3ZPbxxukU2PgjqRdq9qKY4LW3DLG1N9ZP886
PG+wFFftYORVYy4VgMY/0a8XOpNooDrjE6GfmptsgkYJlUR9qkpVk7wuKouCI0Ah
a/VIOm2qjNwyhXd/ScUGJoc2PeL3HExy7/anzcN9ngqoe/52czbm10xGvCo+prLu
RdbXoURZGLcMHwVXmRbJnDN9GAsPBLHH2s0FBvZEqgd6/H1ZDDj8I3Dul5/U6KEA
T2FBL5plBoMJxVRqLxXLkXWMRdKe6bIaoY6KmzGqsyHQfI18+B+CBWVZUAC2hdAb
2GmbOX3Utpr0X9hhky4iuAaZ9q1K1SmUxzCkYgiUhwZN9FTmJb1hmHwwNHAwIqVu
1bS0F500HLaYLPlvMlvYIc/65D6/KzwGS/72LDeIPZea8ppIXUKcfGp3nlRAr2cn
tr6A4akjdctLk3sDp8MfxYHBuLrzGdlKXLnFNDvrj0tnylgNaS9bX4KSAYorD2Ye
fRSPOR4a3ZHcDdaSp/1O0Q/iNQrqsoeWRlVfJ+vdNz0kZ8HCb8yPcZwRW1plrlcf
v2SXI6kOcV6bbs2uHo6HaRI4Fgk58qBlyaE4r+hFQ680VItFxQI=
=Y+uP
-----END PGP SIGNATURE-----