X.509 Certificate & Public Key Parser

Parse X.509 certificates and public keys in PEM, DER, or base64 DER form. Review subjects, issuers, validity dates, fingerprints, extensions, and key details locally in your browser.

Certificate or Public Key
Paste PEM content, base64 DER, or import a certificate/public-key file.

Supports X.509 CERTIFICATE and PUBLIC KEY PEM blocks plus DER/base64 DER certificate or SPKI public-key data.

Parsed Details
Parsing runs locally; copy fingerprints or structured JSON for comparison and troubleshooting.
Parsing input
Reading the certificate structure and computing fingerprints.

What is an X.509 certificate parser?

An X.509 certificate is a signed document that binds a public key to an identity such as a domain, service, organization, or person. TLS certificates, certificate-chain files, and many S/MIME or signing workflows use this format.

This parser reads certificate and public-key material directly in your browser. It can inspect PEM blocks, binary DER files, and base64 DER text, then show the subject, issuer, serial number, validity window, signature algorithm, public-key algorithm, fingerprints, and common extensions.

Use it when you need to compare a certificate fingerprint, check whether a certificate is for the expected host, inspect Subject Alternative Names, confirm key usage, or extract public-key details while debugging TLS and deployment issues.

The tool does not validate trust chains or contact certificate authorities. It shows what is encoded in the certificate or public key you provide, so use a dedicated TLS scanner when you need revocation, chain, hostname, or live endpoint validation.

  • Compare SHA-256 or SHA-1 fingerprints before installing or rotating certificates.
  • Review SAN, key usage, extended key usage, and basic constraints without uploading certificate material.
  • Inspect standalone SPKI public keys when a service gives you only a public-key PEM or DER file.