ToolBelt

PGP Fingerprint Formatter

Group a hex PGP fingerprint into the standard 4-/20-char layout.

Open tool

Overview

The PGP fingerprint formatter takes a 40-character hex fingerprint — with or without separators — and rewrites it into the canonical 4-character-block, 4-row layout used everywhere from key signing parties to git commit verification screens. Paste a sticky-noted fingerprint, copy back the cleanly formatted version.

It is the right tool for verifying that a fingerprint you read from a business card, an email signature, or a git web UI matches what your local keyring shows. PGP fingerprint formatting matters because a difference in spacing or case can hide a swapped digit; the canonical layout makes typos jump out.

How it works

A modern OpenPGP V4 key fingerprint is the SHA-1 hash of the public key packet, 160 bits long, displayed as 40 hex characters. The canonical formatting groups those characters into ten 4-character blocks, separated by single spaces, with a double space between the fifth and sixth block:

ABCD 1234 EF56 7890 ABCD  1234 EF56 7890 ABCD 1234

The tool strips all whitespace, dashes, and colons from the input, uppercases the hex, and re-emits it in this layout. Short or long inputs are flagged as errors. V5 keys (SHA-256, 256-bit) use a 64-character fingerprint with a similar block structure; the tool detects length and formats accordingly.

Examples

Input:  abcd1234ef567890abcd1234ef567890abcd1234
Output: ABCD 1234 EF56 7890 ABCD  1234 EF56 7890 ABCD 1234

Input:  ABCD-1234-EF56-7890-ABCD-1234-EF56-7890-ABCD-1234
Output: ABCD 1234 EF56 7890 ABCD  1234 EF56 7890 ABCD 1234

Input:  abcd 1234 ef56 7890 abcd 1234 ef56 7890 abcd 1234
Output: ABCD 1234 EF56 7890 ABCD  1234 EF56 7890 ABCD 1234

Input:  abcd1234   (too short)
Output: Error — expected 40 hex characters (V4) or 64 (V5), got 8

FAQ

Why is the double space between blocks 5 and 6?

To break a 40-character string into a 20+20 visual chunk that is easier to compare side-by-side. The convention dates back to GPG's default --fingerprint output.

Should I display the short ID or the long ID?

Neither — display the full fingerprint. Short IDs (last 8 hex chars) and long IDs (last 16) are collision-vulnerable; only the full fingerprint uniquely identifies a key.

Is case meaningful?

No. Hex is case-insensitive. The canonical display is uppercase, but lower- or mixed-case fingerprints refer to the same key.

What changed in V5 keys?

V5 fingerprints are SHA-256 hashes of the key packet — 256 bits, 64 hex characters. They are formatted similarly, in 4-character blocks. The longer fingerprint resists the theoretical SHA-1 collisions that motivated the upgrade.

Try PGP Fingerprint Formatter

An unhandled error has occurred. Reload ×