Paste any PEM-encoded text. We extract every -----BEGIN-----/-----END----- block, decode the Base64, and show you the raw bytes — ready for downstream tools.
PEM (Privacy Enhanced Mail) is a Base64-encoded container format for cryptographic data — certificates, private keys, public keys, CSRs, and CRLs. The Base64 sits between -----BEGIN X----- and -----END X----- markers. This tool extracts the raw bytes from each block; for ASN.1 / X.509 structural parsing, use a dedicated tool like openssl x509 -text.
PEM (Privacy Enhanced Mail) is a text-based container format for cryptographic data. It wraps Base64-encoded binary data between BEGIN and END markers, like "-----BEGIN CERTIFICATE-----". PEM files commonly contain X.509 certificates, RSA or EC private keys, public keys, certificate signing requests (CSRs), and certificate revocation lists (CRLs).
DER (Distinguished Encoding Rules) is the binary form. PEM is just DER wrapped in Base64 with text markers, designed to survive email and file systems that may corrupt binary data. Our parser extracts the original DER bytes from PEM — those bytes are what tools like OpenSSL operate on internally.
Not yet — this tool extracts the raw DER bytes for inspection. For full X.509 field parsing (Common Name, Subject Alternative Names, validity dates, key usage), use a tool like "openssl x509 -text -noout" on the downloaded DER file.
Yes. The parser finds every BEGIN/END pair and shows each one separately, with its label and a hex dump of the decoded bytes. Certificate chains with three or more certificates are common, and the parser handles them all.