X.509 Certificate (DER)
The binary DER encoding of the same certificate — for testing ASN.1/DER parsers, Java keystores, and DER-to-PEM converters. Published sample certificate, not a real identity.
| Field | Value |
|---|---|
| Type | X.509 certificate (DER, binary) |
| Subject | CN=sample.example, O=Novus Examples (Sample), C=US |
| Issuer | (self-signed) CN=sample.example |
| Serial | 5642823782587783233 |
| Valid from | 2026-01-01 |
| Valid to | 2036-01-01 |
| Public key | RSA 2048-bit |
| Signature | sha256WithRSAEncryption |
| SAN | sample.example, www.sample.example |
Specifications
- Format
- X.509 v3 (DER, binary)
- Subject
- CN=sample.example
- Key
- RSA 2048
- Note
- binary encoding of the PEM twin
- Sample Only
- true
What is a .der file?
DER (Distinguished Encoding Rules) is the binary encoding of an X.509 certificate (or other ASN.1 structure) — the same data a PEM file Base64-wraps, without the text armour. A .der certificate is compact and byte-exact, common in Java keystores and Windows tooling.
How to use this file
Use an example .der certificate to test binary X.509 parsers, ASN.1 decoders, and DER-to-PEM converters, or to confirm a tool reads raw certificate bytes. Published sample certificate, not a real identity.
Related files
- csrCertificate Signing Request (CSR)A PKCS#10 certificate signing request (PEM) with the subject and SAN, self-signed by the RSA key to prove key possession — for testing CSR parsers and certificate-authority intake flows.

- keyEd25519 Private Key (PEM)An Ed25519 private key in PKCS#8 PEM, derived from a fixed seed — a published, sample-only modern elliptic-curve key for testing PEM parsers and Ed25519 tooling. Never use it for real.

- htpasswdhtpasswd (HTTP Basic Auth)An Apache/nginx .htpasswd file with two users hashed using the {SHA} scheme (Base64 SHA-1) — the sample passwords are documented in the file, for testing Basic-Auth credential parsers and hash identification.

- keyRSA 2048 Private Key (PEM)A 2048-bit RSA private key in unencrypted PKCS#8 PEM — a deliberately PUBLISHED, sample-only key for testing PEM key parsers and PKCS#8 decoders. Never use it for anything real.

- pubSSH Public Key (Ed25519)An OpenSSH-format Ed25519 public key (the shareable half of the key pair) — a single line of algorithm, Base64 key blob, and comment, for testing SSH public-key parsers and authorized_keys tooling.

- p12PKCS#12 Bundle (.p12)A PKCS#12 (.p12/PFX) bundle packaging the sample RSA key and certificate together, protected with the sample password 'novus-sample' — for testing keystore importers and PKCS#12 parsers. (The PKCS#12 MAC salt is random, so this file is intentionally not byte-stable.)

Generated by generation/pki_security.py. Free for any use, no attribution required — license.