PrettyPrintCert man page

PrettyPrintCert — print the contents of a certificate stored as ASCII base-64 encoded data to a readable format.

Synopsis

PrettyPrintCert [-simpleinfo] <input_file> [output_file]

Description

The PrettyPrintCert command provides a command-line utility used to print the contents of a certificate stored as ASCII base-64 encoded data to a readable format. The output of this command is displayed to standard output, but can be optionally saved into a specified file. An additional non-mandatory option is available which limits the certificate information output of this command for easier parsing.

Options

[-simpleinfo]
Optional. Prints limited certificate information in an easy to parse format; if this option is not specified, the entire contents of the certificate will be printed.
<input_file>
Mandatory. Specifies the path to the file containing the ASCII base-64 encoded certificate.
[output_file]
Optional. Specifies the path to the file in which the tool should write the certificate. If this option is not specified, the certificate information is written to the standard output.

Examples

The following example converts the ASCII base-64 encoded certificate in the ascii_data.cert file and writes the certificate in the pretty-print form to the output file cert.out:

PrettyPrintCert ascii_data.cert cert.out

For this example, the base-64 encoded certificate data in the ascii_data.cert looks like the following:

-----BEGIN CERTIFICATE-----
MIIECjCCAvKgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBOMSswKQYDVQQKDCJ1c2Vy
c3lzLnJlZGhhdC5jb20gU2VjdXJpdHkgRG9tYWluMR8wHQYDVQQDDBZDQSBTaWdu
aW5nIENlcnRpZmljYXRlMB4XDTE2MDcyMjIwMzEzOFoXDTE3MDExODIxMzEzOFow
gZwxCzAJBgNVBAYTAlVTMRwwGgYDVQQKDBNFeGFtcGxlIENvcnBvcmF0aW9uMQsw
CQYDVQQLDAJJUzEpMCcGA1UEAwwgUHJldHR5UHJpbnRDZXJ0IFRlc3QgQ2VydGlm
aWNhdGUxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMRUwEwYKCZIm
iZPyLGQBAQwFYWRtaW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDn
Jv8ADWpC7C3Bzb13n9zQwaDW8YfyshZd7lXI0cghJOSfRLT6C10LOi1yhI+7W3NN
MgYeLDCiRmKfHnqq6lpPg9aZmrxBwrn+30OdP+m1K6Crf6X9wqAWSR/r2hG4NuYi
ovcJg7ani5h4BL+V0hbUvfEs4o7QfOWjQZcoo2KbOKmRrodAA21XVjWGB1ELQLNN
hGwmZ6l1rtnN04Ruoclu8LaKMAAzFSH8cHEBtdCgxeDNy+bNnXbjO1wdruFNrars
W6wdc230AvHRcEUWEvQVq86vHfS4UZ5q0N1ychibrHZXB0/+TUtyKDQGx0K7ELSB
xgwt9QxEjKlXHiStcGupAgMBAAGjgaMwgaAwHwYDVR0jBBgwFoAUuzaYXWXLiOCH
IzdvW/evi4rrurUwTgYIKwYBBQUHAQEEQjBAMD4GCCsGAQUFBzABhjJodHRwOi8v
cGtpLWRlc2t0b3AudXNlcnN5cy5yZWRoYXQuY29tOjgwODAvY2Evb2NzcDAOBgNV
HQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqG
SIb3DQEBCwUAA4IBAQCgQ/vTCyQ+lHKNDNCtvbul2l6V3Sjzvj0il9t4HtorxoBF
3FIE6VNpUYFq0AkNS/LjV7ek7LRl8kuuiKaNpqF6RvAIPrABPDh7hE1Gi3Vm+Xw/
ndodT1AVII3x6xUbRsHu2iUVdZM5xO9ZFwA18nJUznL9q8lEGjj8vVCyFZuplUL+
pdKqL3SgBNUdyfiV6vywevI9jFoZBlsQbn4EjBs2nNeaFSZhZ1NG6tktSt85fJ51
IAiZv9Ipq0deHxFgpEywPq9lSrMZnm178PFlzRQUySHSm1pA+ngTydUKqZqAU0vr
XIDTmj4lE93VPZspnPS94p/0OT4Pe3NKAe+IbIv/
-----END CERTIFICATE-----

The certificate in pretty-print format in the cert.out file looks like the following:

Certificate:
    Data:
        Version:  v3
        Serial Number: 0x9
        Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11
        Issuer: CN=CA Signing Certificate,O=example.com Security Domain
        Validity:
            Not Before: Friday, July 22, 2016 2:31:38 PM MDT America/Denver
            Not  After: Wednesday, January 18, 2017 2:31:38 PM MST America/Denver
        Subject: UID=admin,E=admin@example.com,CN=PrettyPrintCert Test Certificate,OU=IS,O=Example Corporation,C=US
        Subject Public Key Info:
            Algorithm: RSA - 1.2.840.113549.1.1.1
            Public Key:
                Exponent: 65537
                Public Key Modulus: (2048 bits) :
                    E7:26:FF:00:0D:6A:42:EC:2D:C1:CD:BD:77:9F:DC:D0:
                    C1:A0:D6:F1:87:F2:B2:16:5D:EE:55:C8:D1:C8:21:24:
                    E4:9F:44:B4:FA:0B:5D:0B:3A:2D:72:84:8F:BB:5B:73:
                    4D:32:06:1E:2C:30:A2:46:62:9F:1E:7A:AA:EA:5A:4F:
                    83:D6:99:9A:BC:41:C2:B9:FE:DF:43:9D:3F:E9:B5:2B:
                    A0:AB:7F:A5:FD:C2:A0:16:49:1F:EB:DA:11:B8:36:E6:
                    22:A2:F7:09:83:B6:A7:8B:98:78:04:BF:95:D2:16:D4:
                    BD:F1:2C:E2:8E:D0:7C:E5:A3:41:97:28:A3:62:9B:38:
                    A9:91:AE:87:40:03:6D:57:56:35:86:07:51:0B:40:B3:
                    4D:84:6C:26:67:A9:75:AE:D9:CD:D3:84:6E:A1:C9:6E:
                    F0:B6:8A:30:00:33:15:21:FC:70:71:01:B5:D0:A0:C5:
                    E0:CD:CB:E6:CD:9D:76:E3:3B:5C:1D:AE:E1:4D:AD:AA:
                    EC:5B:AC:1D:73:6D:F4:02:F1:D1:70:45:16:12:F4:15:
                    AB:CE:AF:1D:F4:B8:51:9E:6A:D0:DD:72:72:18:9B:AC:
                    76:57:07:4F:FE:4D:4B:72:28:34:06:C7:42:BB:10:B4:
                    81:C6:0C:2D:F5:0C:44:8C:A9:57:1E:24:AD:70:6B:A9
        Extensions:
            Identifier: Authority Key Identifier - 2.5.29.35
                Critical: no
                Key Identifier:
                    BB:36:98:5D:65:CB:88:E0:87:23:37:6F:5B:F7:AF:8B:
                    8A:EB:BA:B5
            Identifier: 1.3.6.1.5.5.7.1.1
                Critical: no
                Value:
                    30:40:30:3E:06:08:2B:06:01:05:05:07:30:01:86:32:
                    68:74:74:70:3A:2F:2F:70:6B:69:2D:64:65:73:6B:74:
                    6F:70:2E:75:73:65:72:73:79:73:2E:72:65:64:68:61:
                    74:2E:63:6F:6D:3A:38:30:38:30:2F:63:61:2F:6F:63:
                    73:70
            Identifier: Key Usage: - 2.5.29.15
                Critical: yes
                Key Usage:
                    Digital Signature
                    Non Repudiation
                    Key Encipherment
            Identifier: Extended Key Usage: - 2.5.29.37
                Critical: no
                Extended Key Usage:
                    1.3.6.1.5.5.7.3.2
                    1.3.6.1.5.5.7.3.4
    Signature:
        Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11
        Signature:
            A0:43:FB:D3:0B:24:3E:94:72:8D:0C:D0:AD:BD:BB:A5:
            DA:5E:95:DD:28:F3:BE:3D:22:97:DB:78:1E:DA:2B:C6:
            80:45:DC:52:04:E9:53:69:51:81:6A:D0:09:0D:4B:F2:
            E3:57:B7:A4:EC:B4:65:F2:4B:AE:88:A6:8D:A6:A1:7A:
            46:F0:08:3E:B0:01:3C:38:7B:84:4D:46:8B:75:66:F9:
            7C:3F:9D:DA:1D:4F:50:15:20:8D:F1:EB:15:1B:46:C1:
            EE:DA:25:15:75:93:39:C4:EF:59:17:00:35:F2:72:54:
            CE:72:FD:AB:C9:44:1A:38:FC:BD:50:B2:15:9B:A9:95:
            42:FE:A5:D2:AA:2F:74:A0:04:D5:1D:C9:F8:95:EA:FC:
            B0:7A:F2:3D:8C:5A:19:06:5B:10:6E:7E:04:8C:1B:36:
            9C:D7:9A:15:26:61:67:53:46:EA:D9:2D:4A:DF:39:7C:
            9E:75:20:08:99:BF:D2:29:AB:47:5E:1F:11:60:A4:4C:
            B0:3E:AF:65:4A:B3:19:9E:6D:7B:F0:F1:65:CD:14:14:
            C9:21:D2:9B:5A:40:FA:78:13:C9:D5:0A:A9:9A:80:53:
            4B:EB:5C:80:D3:9A:3E:25:13:DD:D5:3D:9B:29:9C:F4:
            BD:E2:9F:F4:39:3E:0F:7B:73:4A:01:EF:88:6C:8B:FF
    FingerPrint
        MD2:
            EC:AE:A5:A3:E5:FA:30:3B:34:0E:FD:9D:ED:46:56:03
        MD5:
            CB:E1:80:0C:B3:66:DF:CF:3A:2B:A9:C1:F4:88:88:23
        SHA-1:
            B6:BA:84:0D:AE:4E:B0:CD:84:71:D8:A4:61:60:A7:2D:
            3A:7C:55:46
        SHA-256:
            B2:95:9C:8C:B9:3C:7B:9F:FF:8E:BD:92:90:BC:75:F5:
            BB:0D:96:2C:93:05:20:1B:4C:9D:B9:59:6F:54:25:5B
        SHA-512:
            B9:7A:1E:2E:59:8C:6F:76:F5:52:36:AD:A6:62:E9:DD:
            00:6E:82:7A:BA:38:1E:29:FC:F8:80:F1:DD:7C:81:92:
            F1:C2:E3:34:27:1A:7A:EB:95:36:DB:65:41:A2:46:19:
            FB:14:89:00:B5:8B:DB:AA:33:41:8C:6C:C4:75:CF:17

The following example command takes the same ASCII base-64 encoded certificate in the ascii_data.cert file and writes the information contained within the certificate to the simple format output file cert.simple:

PrettyPrintCert -simpleinfo ascii_data.cert cert.simple

The simple certificate information in the cert.simple output file looks like the following:

UID=admin
E=admin@example.com
CN=PrettyPrintCert Test Certificate
OU=IS
O=Example Corporation
C=US

Authors

Matthew Harmsen <mharmsen@redhat.com>.

See Also

PrettyPrintCrl(1),pki(1)

Referenced By

PrettyPrintCrl(1).

July 20, 2016 version 10.3 PKI Certificate Print Tool