X.509 / SSL Certificate Decoder
Decode a PEM certificate to read its subject, issuer, validity, SANs and fingerprints — in your browser.
About X.509 / SSL Certificate Decoder
Paste a PEM-encoded X.509 certificate (the -----BEGIN CERTIFICATE----- block) and see its contents in a readable form: the subject and issuer distinguished names, validity period with a valid/expired status, Subject Alternative Names, serial number, version, signature algorithm, public-key type and size, and SHA-1 and SHA-256 fingerprints.
The certificate is parsed entirely in your browser — it's never uploaded — so it's safe for internal or private certificates. This tool reads a certificate you already have; it doesn't fetch a certificate from a live server.
Decode a cert
-----BEGIN CERTIFICATE----- MIIC… -----END CERTIFICATE-----
Subject CN=example.com · Issuer CN=example.com · valid 1 year · SHA-256 fingerprint …
Load the sample to see a decoded self-signed certificate.
Frequently asked questions
What certificate format does it accept?
PEM-encoded X.509 certificates — the Base64 block between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.
What details does it show?
Subject and issuer, validity dates and status, Subject Alternative Names, serial number, version, signature algorithm, public-key type/size, and SHA-1 and SHA-256 fingerprints.
Can it fetch a certificate from a website?
No. This tool decodes a certificate you paste in. Fetching a live server's certificate requires a network connection to that server, which a browser tool can't do directly.
Is my certificate uploaded anywhere?
No. Parsing happens entirely in your browser, so it's safe for private certificates.