1PrettyPrintCert(1)        PKI Certificate Print Tool        PrettyPrintCert(1)
2
3
4

NAME

6       PrettyPrintCert  -  print the contents of a certificate stored as ASCII
7       base-64 encoded data to a readable format.
8
9

SYNOPSIS

11       PrettyPrintCert [-simpleinfo] input-file [output-file]
12
13

DESCRIPTION

15       The PrettyPrintCert command provides a  command-line  utility  used  to
16       print  the  contents  of  a certificate stored as ASCII base-64 encoded
17       data to a readable format.  The output of this command is displayed  to
18       standard output, but can be optionally saved into a specified file.  An
19       additional non-mandatory option is available which limits the  certifi‐
20       cate information output of this command for easier parsing.
21
22

OPTIONS

24       -simpleinfo
25           Optional.  Prints  limited  certificate  information  in an easy to
26       parse format;
27           if this option is not specified, the entire contents  of  the  cer‐
28       tificate will be printed.
29
30
31       <input-file>
32           Mandatory.  Specifies  the  path  to  the file containing the ASCII
33       base-64 encoded certificate.
34
35
36       <output-file>
37           Optional. Specifies the path to the file in which the  tool  should
38       write the certificate.
39           If  this  option  is  not specified, the certificate information is
40       written to the standard output.
41
42

EXAMPLES

44       The following example converts the ASCII base-64 encoded certificate in
45       the ascii_data.cert file and writes the certificate in the pretty-print
46       form to the output file cert.out:
47
48
49              $ PrettyPrintCert ascii_data.cert cert.out
50
51
52
53       For  this  example,  the  base-64  encoded  certificate  data  in   the
54       ascii_data.cert looks like the following:
55
56
57              -----BEGIN CERTIFICATE-----
58              MIIECjCCAvKgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBOMSswKQYDVQQKDCJ1c2Vy
59              c3lzLnJlZGhhdC5jb20gU2VjdXJpdHkgRG9tYWluMR8wHQYDVQQDDBZDQSBTaWdu
60              aW5nIENlcnRpZmljYXRlMB4XDTE2MDcyMjIwMzEzOFoXDTE3MDExODIxMzEzOFow
61              gZwxCzAJBgNVBAYTAlVTMRwwGgYDVQQKDBNFeGFtcGxlIENvcnBvcmF0aW9uMQsw
62              CQYDVQQLDAJJUzEpMCcGA1UEAwwgUHJldHR5UHJpbnRDZXJ0IFRlc3QgQ2VydGlm
63              aWNhdGUxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMRUwEwYKCZIm
64              iZPyLGQBAQwFYWRtaW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDn
65              Jv8ADWpC7C3Bzb13n9zQwaDW8YfyshZd7lXI0cghJOSfRLT6C10LOi1yhI+7W3NN
66              MgYeLDCiRmKfHnqq6lpPg9aZmrxBwrn+30OdP+m1K6Crf6X9wqAWSR/r2hG4NuYi
67              ovcJg7ani5h4BL+V0hbUvfEs4o7QfOWjQZcoo2KbOKmRrodAA21XVjWGB1ELQLNN
68              hGwmZ6l1rtnN04Ruoclu8LaKMAAzFSH8cHEBtdCgxeDNy+bNnXbjO1wdruFNrars
69              W6wdc230AvHRcEUWEvQVq86vHfS4UZ5q0N1ychibrHZXB0/+TUtyKDQGx0K7ELSB
70              xgwt9QxEjKlXHiStcGupAgMBAAGjgaMwgaAwHwYDVR0jBBgwFoAUuzaYXWXLiOCH
71              IzdvW/evi4rrurUwTgYIKwYBBQUHAQEEQjBAMD4GCCsGAQUFBzABhjJodHRwOi8v
72              cGtpLWRlc2t0b3AudXNlcnN5cy5yZWRoYXQuY29tOjgwODAvY2Evb2NzcDAOBgNV
73              HQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqG
74              SIb3DQEBCwUAA4IBAQCgQ/vTCyQ+lHKNDNCtvbul2l6V3Sjzvj0il9t4HtorxoBF
75              3FIE6VNpUYFq0AkNS/LjV7ek7LRl8kuuiKaNpqF6RvAIPrABPDh7hE1Gi3Vm+Xw/
76              ndodT1AVII3x6xUbRsHu2iUVdZM5xO9ZFwA18nJUznL9q8lEGjj8vVCyFZuplUL+
77              pdKqL3SgBNUdyfiV6vywevI9jFoZBlsQbn4EjBs2nNeaFSZhZ1NG6tktSt85fJ51
78              IAiZv9Ipq0deHxFgpEywPq9lSrMZnm178PFlzRQUySHSm1pA+ngTydUKqZqAU0vr
79              XIDTmj4lE93VPZspnPS94p/0OT4Pe3NKAe+IbIv/
80              -----END CERTIFICATE-----
81
82
83
84       The  certificate in pretty-print format in the cert.out file looks like
85       the following:
86
87
88                  Certificate:
89                      Data:
90                          Version:  v3
91                          Serial Number: 0x9
92                          Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11
93                          Issuer: CN=CA Signing Certificate,O=example.com Security Domain
94                          Validity:
95                              Not Before: Friday, July 22, 2016 2:31:38 PM MDT America/Denver
96                              Not  After: Wednesday, January 18, 2017 2:31:38 PM MST America/Denver
97                          Subject: UID=admin,E=admin@example.com,CN=PrettyPrintCert Test Certificate,OU=IS,O=Example Corporation,C=US
98                          Subject Public Key Info:
99                              Algorithm: RSA - 1.2.840.113549.1.1.1
100                              Public Key:
101                                  Exponent: 65537
102                                  Public Key Modulus: (2048 bits) :
103                                      E7:26:FF:00:0D:6A:42:EC:2D:C1:CD:BD:77:9F:DC:D0:
104                                      C1:A0:D6:F1:87:F2:B2:16:5D:EE:55:C8:D1:C8:21:24:
105                                      E4:9F:44:B4:FA:0B:5D:0B:3A:2D:72:84:8F:BB:5B:73:
106                                      4D:32:06:1E:2C:30:A2:46:62:9F:1E:7A:AA:EA:5A:4F:
107                                      83:D6:99:9A:BC:41:C2:B9:FE:DF:43:9D:3F:E9:B5:2B:
108                                      A0:AB:7F:A5:FD:C2:A0:16:49:1F:EB:DA:11:B8:36:E6:
109                                      22:A2:F7:09:83:B6:A7:8B:98:78:04:BF:95:D2:16:D4:
110                                      BD:F1:2C:E2:8E:D0:7C:E5:A3:41:97:28:A3:62:9B:38:
111                                      A9:91:AE:87:40:03:6D:57:56:35:86:07:51:0B:40:B3:
112                                      4D:84:6C:26:67:A9:75:AE:D9:CD:D3:84:6E:A1:C9:6E:
113                                      F0:B6:8A:30:00:33:15:21:FC:70:71:01:B5:D0:A0:C5:
114                                      E0:CD:CB:E6:CD:9D:76:E3:3B:5C:1D:AE:E1:4D:AD:AA:
115                                      EC:5B:AC:1D:73:6D:F4:02:F1:D1:70:45:16:12:F4:15:
116                                      AB:CE:AF:1D:F4:B8:51:9E:6A:D0:DD:72:72:18:9B:AC:
117                                      76:57:07:4F:FE:4D:4B:72:28:34:06:C7:42:BB:10:B4:
118                                      81:C6:0C:2D:F5:0C:44:8C:A9:57:1E:24:AD:70:6B:A9
119                          Extensions:
120                              Identifier: Authority Key Identifier - 2.5.29.35
121                                  Critical: no
122                                  Key Identifier:
123                                      BB:36:98:5D:65:CB:88:E0:87:23:37:6F:5B:F7:AF:8B:
124                                      8A:EB:BA:B5
125                              Identifier: 1.3.6.1.5.5.7.1.1
126                                  Critical: no
127                                  Value:
128                                      30:40:30:3E:06:08:2B:06:01:05:05:07:30:01:86:32:
129                                      68:74:74:70:3A:2F:2F:70:6B:69:2D:64:65:73:6B:74:
130                                      6F:70:2E:75:73:65:72:73:79:73:2E:72:65:64:68:61:
131                                      74:2E:63:6F:6D:3A:38:30:38:30:2F:63:61:2F:6F:63:
132                                      73:70
133                              Identifier: Key Usage: - 2.5.29.15
134                                  Critical: yes
135                                  Key Usage:
136                                      Digital Signature
137                                      Non Repudiation
138                                      Key Encipherment
139                              Identifier: Extended Key Usage: - 2.5.29.37
140                                  Critical: no
141                                  Extended Key Usage:
142                                      1.3.6.1.5.5.7.3.2
143                                      1.3.6.1.5.5.7.3.4
144                      Signature:
145                          Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11
146                          Signature:
147                              A0:43:FB:D3:0B:24:3E:94:72:8D:0C:D0:AD:BD:BB:A5:
148                              DA:5E:95:DD:28:F3:BE:3D:22:97:DB:78:1E:DA:2B:C6:
149                              80:45:DC:52:04:E9:53:69:51:81:6A:D0:09:0D:4B:F2:
150                              E3:57:B7:A4:EC:B4:65:F2:4B:AE:88:A6:8D:A6:A1:7A:
151                              46:F0:08:3E:B0:01:3C:38:7B:84:4D:46:8B:75:66:F9:
152                              7C:3F:9D:DA:1D:4F:50:15:20:8D:F1:EB:15:1B:46:C1:
153                              EE:DA:25:15:75:93:39:C4:EF:59:17:00:35:F2:72:54:
154                              CE:72:FD:AB:C9:44:1A:38:FC:BD:50:B2:15:9B:A9:95:
155                              42:FE:A5:D2:AA:2F:74:A0:04:D5:1D:C9:F8:95:EA:FC:
156                              B0:7A:F2:3D:8C:5A:19:06:5B:10:6E:7E:04:8C:1B:36:
157                              9C:D7:9A:15:26:61:67:53:46:EA:D9:2D:4A:DF:39:7C:
158                              9E:75:20:08:99:BF:D2:29:AB:47:5E:1F:11:60:A4:4C:
159                              B0:3E:AF:65:4A:B3:19:9E:6D:7B:F0:F1:65:CD:14:14:
160                              C9:21:D2:9B:5A:40:FA:78:13:C9:D5:0A:A9:9A:80:53:
161                              4B:EB:5C:80:D3:9A:3E:25:13:DD:D5:3D:9B:29:9C:F4:
162                              BD:E2:9F:F4:39:3E:0F:7B:73:4A:01:EF:88:6C:8B:FF
163                      FingerPrint
164                          MD2:
165                              EC:AE:A5:A3:E5:FA:30:3B:34:0E:FD:9D:ED:46:56:03
166                          MD5:
167                              CB:E1:80:0C:B3:66:DF:CF:3A:2B:A9:C1:F4:88:88:23
168                          SHA-1:
169                              B6:BA:84:0D:AE:4E:B0:CD:84:71:D8:A4:61:60:A7:2D:
170                              3A:7C:55:46
171                          SHA-256:
172                              B2:95:9C:8C:B9:3C:7B:9F:FF:8E:BD:92:90:BC:75:F5:
173                              BB:0D:96:2C:93:05:20:1B:4C:9D:B9:59:6F:54:25:5B
174                          SHA-512:
175                              B9:7A:1E:2E:59:8C:6F:76:F5:52:36:AD:A6:62:E9:DD:
176                              00:6E:82:7A:BA:38:1E:29:FC:F8:80:F1:DD:7C:81:92:
177                              F1:C2:E3:34:27:1A:7A:EB:95:36:DB:65:41:A2:46:19:
178                              FB:14:89:00:B5:8B:DB:AA:33:41:8C:6C:C4:75:CF:17
179
180
181
182       The following example command takes the same ASCII base-64 encoded cer‐
183       tificate  in  the  ascii_data.cert file and writes the information con‐
184       tained  within  the  certificate  to  the  simple  format  output  file
185       cert.simple:
186
187
188              $ PrettyPrintCert -simpleinfo ascii_data.cert cert.simple
189
190
191
192       The simple certificate information in the cert.simple output file looks
193       like the following:
194
195
196              UID=admin
197              E=admin@example.com
198              CN=PrettyPrintCert Test Certificate
199              OU=IS
200              O=Example Corporation
201              C=US
202
203
204

SEE ALSO

206       PrettyPrintCrl(1), pki(1)
207
208

AUTHORS

210       Matthew Harmsen <mharmsen@redhat.com>.
211
212
214       Copyright (c) 2016 Red Hat, Inc.  This is licensed under the  GNU  Gen‐
215       eral  Public  License,  version  2  (GPLv2).  A copy of this license is
216       available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
217
218
219
220PKI                              July 20, 2016              PrettyPrintCert(1)
Impressum