What is an X.509 certificate?

X.509 is the standard format for TLS/SSL certificates. It binds a public key to an identity (the subject) and is signed by a certificate authority (the issuer). The decoder shows those fields plus validity and extensions.

Is the certificate sent to a server?

No. The PEM is Base64-decoded and the ASN.1 DER is parsed in your browser with JavaScript. Certificates are public, but the decoding still happens entirely offline on your device.

What are Subject Alternative Names?

SANs are the list of DNS names (and sometimes IPs) the certificate is valid for. Modern browsers ignore the legacy Common Name and match the hostname against the SAN list, so this is the field that really decides coverage.

Why does the serial number look so long?

Certificate serials are large integers chosen by the CA, often 16–20 bytes, shown here in hexadecimal. Their only requirement is to be unique per issuer, so a long random hex string is normal and expected.

Can it tell me if the certificate has expired?

Yes. It parses the validity SEQUENCE (not-before and not-after) and compares both to your device clock, flagging the certificate as expired or not-yet-valid so you can spot rotation problems quickly.

TLS Certificate Decoder

A TLS certificate in PEM form is just Base64-encoded ASN.1 DER between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----. Inside is an X.509 structure that binds a server’s public key to one or more hostnames and is signed by a certificate authority. This decoder reads that structure in your browser and lays out the fields you actually need when debugging a TLS handshake or a misissued cert.

How it works

An X.509 Certificate is SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }. The decoder:

Base64-decodes the PEM body to raw DER bytes.
Parses the ASN.1 tag/length/value tree.
Walks tbsCertificate to read, in order: version, serial number, signature algorithm, issuer (Distinguished Name), validity (not-before / not-after), subject (DN), the public-key info, and the extensions — including the Subject Alternative Name (OID 2.5.29.17).

Distinguished Names are decoded by reading each RelativeDistinguishedName and mapping its attribute OID (CN 2.5.3.3, O 2.5.4.10, etc.) to a readable label.

Example

A typical decode looks like:

Subject:    CN=example.com
Issuer:     CN=R3, O=Let's Encrypt
Valid from: 2026-01-01T00:00:00Z
Valid to:   2026-04-01T00:00:00Z
SANs:       example.com, www.example.com
Signature:  sha256WithRSAEncryption
Status:     Valid (in date)

Notes

The tool reads the not-before / not-after times as UTCTime (YYMMDDHHMMSSZ, with the 50-year pivot) or GeneralizedTime (YYYYMMDDHHMMSSZ). The serial number is shown as hex. If an extension OID is unknown it is skipped rather than guessed. Everything runs locally, so you can paste production certificates safely.