-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl https://raw.githubusercontent.com/turnkeylinux/common/master/keys/tkl-buster-images.asc | gpg --import
    $ gpg --list-keys --with-fingerprint release-buster-images@turnkeylinux.org
      pub   rsa4096 2020-02-05 [SC] [expires: 2040-01-31]
            A8B2 EF42 8781 9B03 D351  6CCA 7623 1C20 425E 9772
      uid           [ unknown] TurnKey GNU/Linux Buster Images (GPG signing key for TurnKey Linux Buster Images) <release-buster-images@turnkeylinux.org>
      sub   rsa4096 2020-02-05 [S] [expires: 2040-01-31]
      
    $ gpg --verify turnkey-invoice-ninja-16.0-buster-amd64.iso.hash
      gpg: Signature made using RSA key ID A8B2EF4287819B03D3516CCA76231C20425E9772
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum turnkey-invoice-ninja-16.0-buster-amd64.iso
      83c6b3c079f21322cdaa67b810a668d0a4081f107d1ef4a8c281c6013ad5ad7c  turnkey-invoice-ninja-16.0-buster-amd64.iso

    $ sha512sum turnkey-invoice-ninja-16.0-buster-amd64.iso
      e7c758ef2354ea76bec28a17681b140e956f1a784e6990351ca6882d7da19d50522fc679803f13db911a64ff08d00e5173cc016f9780235fbcf6c552e8ddbc8a  turnkey-invoice-ninja-16.0-buster-amd64.iso

   Note, you can compare hashes automatically::

    $ sha256sum -c turnkey-invoice-ninja-16.0-buster-amd64.iso.hash
      turnkey-invoice-ninja-16.0-buster-amd64.iso: OK

    $ sha512sum -c turnkey-invoice-ninja-16.0-buster-amd64.iso.hash
      turnkey-invoice-ninja-16.0-buster-amd64.iso: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE8ZCki1TcVrLH8k3LrF6wBJPlvBwFAl/YwacACgkQrF6wBJPl
vBzfgA//Qf6oGoOcRjrQymAgm7WSn28wjtunJy31GjL6l/n9CHcvxXz27haRMe+D
vNrGXaHNLTgaC+EFT/v0DnN0oIO7WgyS9PbFkX8569vRIp3cEzSaIa76y1VbAVyc
MAlNEv2H8tyT2TkwaL1xzoTiSvKBy6+zHigxICcTbvYLEG7j0FYndimMyBG4G8y+
5fhskqFjz5U4TC//rUhLZEevh8cj0iOAr7Nzvdc0tCo/XPE/EEiFNg4w1gv9fk3D
smuKgBvvRZQcpCmbc+G7vlmP5iuMh52AdCUBjkcK8bToglEVfAE+bpzvedBcChF4
AZK3Owq05tE/p+o96LFvevB/vZr+yoVX+AW2HDNtaUATw7CVBApUadjubSmzF3/x
rDYYYCY6Sha6nCfAqmtPMFYev0EsjW9+RV5eNg2mpnXaofkZktiTYUCUJnF53PU9
awTn6ijXMCBDURD7B1alOKN4nWaJE7O0BCNtVPabPIzHwAU4KPxvLXyAmIv8aUS4
W47TUGE1IveRxhdUpvhLVvZvgMhId73oT8Hq5ijiIh3b5FyPI6pBUDKsbS7BtJjg
5sn7TPzoOZPEJ/BDhKJ+SlkgykHuA1uhTPMKI4INzQq6dL+QiY4Rt7IgC6KQkeAD
0SjhmasrmfOePwRjKgyryNDckTlezOJcbHw/bYE8yG2Kku50j0k=
=P0uA
-----END PGP SIGNATURE-----