Certificate decoder
Decode a public PEM certificate and inspect subject, issuer, validity, SANs, and fingerprint locally.
Decoding happens locally in your browser. Only paste certificates intended to be public.
Guide
Certificate Decoder: what it does and how to use it
What this Security tool does
This certificate decoder reads public PEM certificates and displays key X.509 metadata. It helps identify the certificate subject, issuer, serial number, validity window, SAN domains, and SHA-256 fingerprint.
How it works
Paste a PEM certificate and the browser parses the ASN.1 structure locally. The tool extracts common fields and computes the fingerprint with Web Crypto. It is meant for public certificates, not private keys or secret material.
Examples
- Check which domains are listed in SAN.
- Compare a certificate fingerprint.
- Confirm issuer and expiry dates from a PEM file.
Security considerations
Only paste certificates intended to be public. Never paste private keys into a certificate decoder.
FAQ
Can this decode private keys?
No. It is designed for public certificates only.
What is SAN?
Subject Alternative Name lists the hostnames covered by the certificate.
Is the PEM uploaded?
No. Decoding happens locally in your browser.