Skip to content

Certificate Decoder

Decode PEM-encoded X.509 certificates. View subject, issuer, validity, SANs, key info, fingerprints, and certificate chain. Pure client-side ASN.1 parsing.

FreeNo SignupNo Server UploadsZero Tracking

How to Use Certificate Decoder

  1. 1

    Paste your certificate

    Paste a PEM-encoded certificate (starting with -----BEGIN CERTIFICATE-----). You can paste multiple certificates for chain analysis.

  2. 2

    Click decode

    The tool parses the ASN.1/DER structure entirely in your browser and extracts all X.509 fields.

  3. 3

    Review details

    See subject, issuer, validity dates, SANs, key algorithm, fingerprints, and expiry status with color coding.

Frequently Asked Questions

This tool supports PEM-encoded X.509 certificates (the text format with BEGIN/END markers). If you have a DER/binary file, convert it first with: openssl x509 -inform der -in cert.der -out cert.pem

Yes. Paste multiple PEM certificates (concatenated) and the tool will parse each one separately, showing them in order from leaf to root/intermediate.

The tool implements a pure JavaScript ASN.1/DER parser that reads the binary structure of X.509 certificates. No external libraries or servers are used.

SANs list the domain names and IP addresses that a certificate is valid for. Modern browsers use SANs instead of the Common Name for validation.

No. All parsing happens entirely in your browser using JavaScript. No certificate data is transmitted to any server.