Certificate Parser
Free online SSL certificate parser, no installation required. Parse and analyze PEM format certificates
About Certificate Parser
Decodes X.509 certificates from PEM format (-----BEGIN CERTIFICATE-----) into structured fields by parsing the raw DER/ASN.1 bytes locally. It extracts version, serial number, issuer and subject distinguished names, validity window, public key details (algorithm, modulus, exponent, curve, key size), signature algorithm, X.509 extensions, and computes SHA-256/SHA-1 fingerprints via the Web Crypto API. A Valid/Expired badge compares validTo to the current time, and the parsed data can be exported as JSON.
How to Use
1. Either click Upload File to load a .pem/.crt/.cer file, or paste PEM content directly into the textarea. 2. Click Parse; results appear in a structured card and the badge shows Valid or Expired. 3. Use the copy icons next to the serial number and fingerprints to copy those values. 4. Click Export to download all parsed fields as certificate-info.json.
Recognized OIDs & Key Algorithms
Distinguished name attributes (CN, O, OU, C, ST, L, emailAddress, etc.) and algorithms are resolved through an embedded OID map: RSA (1.2.840.113549.1.1.1), SHA1/256/384/512withRSA, RSASSA-PSS, EC public keys with curves P-256/P-384/P-521, X25519, Ed25519, and ECDSA-with-SHA variants. Common extensions (subjectKeyIdentifier, keyUsage, subjectAltName, basicConstraints, extKeyUsage, authorityInfoAccess, CT precertificate SCTs, etc.) are identified by name. RSA keys expose modulus (hex with colons), exponent, and bit size; EC/EdDSA keys report algorithm and curve.
▶What certificate formats are accepted?
▶How are fingerprints computed?
▶Why does an extension show only a length instead of its value?
▶Does the Valid badge account for the issuer chain?
If this tool has been helpful to you, consider buying me a coffee.
Buy me a coffee