x509.1s

x509.1s [options] -in filename.pem

-in
    Mandatory Input file, containing the certificate in PEM format.

-text
    Prints the full certificate contents in a human-readable format.

-noout
    Suppresses the output of the encoded version of the certificate (only output formatted content).

-subject
    Prints the subject DN of the certificate.

-issuer
    Prints the issuer DN of the certificate.

-dates
    Prints the validity dates (notBefore and notAfter).

-serial
    Prints the serial number of the certificate.

-fingerprint
    Prints the SHA1 fingerprint of the certificate. Commonly used for verification.

-md5
    Prints the MD5 fingerprint of the certificate.

-sha1
    Prints the SHA1 fingerprint of the certificate. (deprecated, but can be useful).

-sha256
    Prints the SHA256 fingerprint of the certificate.

-pubkey
    Prints the public key of the certificate in PEM format.

-modulus
    Prints the modulus of the public key.

-nameopt
    Specifies name options to be used when printing out names. See the openssl(1) for options.

The `x509.1s` command is a wrapper around the `openssl x509` command. It simplifies displaying information from X.509 certificates, making it easier to examine and verify their contents. This command helps retrieve various details from a certificate, such as the issuer, subject, validity period, serial number, public key information, and more. By using command-line options, specific pieces of data can be extracted and presented in a human-readable format. It's used by security administrators, developers, and anyone who needs to inspect or debug X.509 certificates. It's especially useful for diagnosing issues with SSL/TLS connections, validating certificate chains, and ensuring the authenticity of digital signatures. Because it is a wrapper, the underlying `openssl` utility must be installed for `x509.1s` to function correctly.

This command is a simplified wrapper and might not support all options available in the underlying `openssl x509` command.
Error handling may be limited; it's often necessary to consult the `openssl` documentation for detailed error messages.
Requires the `openssl` package to be installed on the system.

Example 1: Display full certificate information:
`x509.1s -in certificate.pem -text`

Example 2: Display the certificate's subject:
`x509.1s -in certificate.pem -subject`

Example 3: Display certificate's SHA256 fingerprint:
`x509.1s -in certificate.pem -sha256`

Example 4: Display certificate's validity dates:
`x509.1s -in certificate.pem -dates`

openssl(1), certutil(1)