diff --git a/scripts/Makefile.am b/scripts/Makefile.am
index 1b8c4e7366..1a9a283cc5 100644
--- a/scripts/Makefile.am
+++ b/scripts/Makefile.am
@@ -24,7 +24,7 @@
 
 EXTRA_DIST = coverage.sh completion.pl firefox-db2pem.sh checksrc.pl    \
  mk-ca-bundle.pl schemetable.c cd2nroff nroff2cd cdall cd2cd managen \
- dmaketgz release-tools.sh
+ dmaketgz release-tools.sh verify-release
 
 ZSH_FUNCTIONS_DIR = @ZSH_FUNCTIONS_DIR@
 FISH_FUNCTIONS_DIR = @FISH_FUNCTIONS_DIR@
diff --git a/scripts/verify-release b/scripts/verify-release
new file mode 100755
index 0000000000..3b8977def2
--- /dev/null
+++ b/scripts/verify-release
@@ -0,0 +1,80 @@
+#!/bin/sh
+
+#***************************************************************************
+#                                  _   _ ____  _
+#  Project                     ___| | | |  _ \| |
+#                             / __| | | | |_) | |
+#                            | (__| |_| |  _ <| |___
+#                             \___|\___/|_| \_\_____|
+#
+# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+# SPDX-License-Identifier: curl
+#
+###########################################################################
+
+# This script remakes a provided curl release and verifies that the newly
+# built version is identical to the original file.
+#
+# It is designed to be invoked in a clean directory with the path to the
+# release tarball as an argument.
+#
+
+set -eu
+
+tarball="${1:-}"
+
+if [ -z "$tarball" ]; then
+    echo "Provide a curl release tarball name as argument"
+    exit
+fi
+
+i="0"
+
+# shellcheck disable=SC2034
+for dl in curl-*; do
+    i=$((i + 1))
+done
+
+if test "$i" -gt 1; then
+    echo "multiple curl-* entries found, disambiguate please"
+    exit
+fi
+
+mkdir -p _tarballs
+rm -rf _tarballs/*
+
+# checksum the original tarball to compare with later
+sha256sum "$tarball" >_tarballs/checksum
+
+# extract the release contents
+tar xf "$tarball"
+
+curlver=$(grep '#define LIBCURL_VERSION ' curl-*/include/curl/curlver.h | sed 's/[^0-9.]//g')
+
+echo "version $curlver"
+
+timestamp=$(grep -Eo 'SOURCE_DATE_EPOCH=[0-9]*' curl-"$curlver"/docs/RELEASE-TOOLS.md | cut -d= -f2)
+
+pwd=$(pwd)
+cd "curl-$curlver"
+./configure --without-ssl
+./scripts/dmaketgz "$curlver" "$timestamp"
+
+mv curl-"$curlver"* ../_tarballs/
+cd "$pwd"
+cd "_tarballs"
+
+# compare the new tarball against the original
+sha256sum -c checksum