Considera questo:
$ nmap security.stackexchange.com -oX - -p 443 --script=ssl-cert | grep 'pem'
<elem key="pem">-----BEGIN CERTIFICATE-----
MIIGsjCCBZqgAwIBAgIQCTaYT9gNC0RFj3x3zaPxZDANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0xNjA1MjEwMDAwMDBaFw0xOTA4MTQxMjAwMDBa
MGoxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJOWTERMA8GA1UEBxMITmV3IFlvcmsx
HTAbBgNVBAoTFFN0YWNrIEV4Y2hhbmdlLCBJbmMuMRwwGgYDVQQDDBMqLnN0YWNr
ZXhjaGFuZ2UuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0YD
zscT5i6T2FaRsTGNCiLB8OtPXu8N9iAyuaROh/nS0kRRsN8wUMk1TmgZhPuYM6oF
S377V8W2LqhLBMrPXi7lnhvKt2DFWCyw38RrDbEsM5dzVGErmhux3F0QqcTI92zj
VW61DmE7NSQLiR4yonVpTpdAaO4jSPJxn8d+4p1sIlU2JGSk8LZSWFqaROc7KtXt
lWP4HahNRZtdwvL5dIEGGNWx+7B+XVAfY1ygc/UisldkA+a3D2+3WAtXgFZRZZ/1
CWFjKWJNMAI6ZBAtlbgSNgRYxdcdleIhPLCzkzWysfltfiBmsmgz6VCoFR4KgJo8
Gd3MeTWojBthM10SLwIDAQABo4IDTDCCA0gwHwYDVR0jBBgwFoAUUWj/kK8CB3U8
zNllZGKiErhZcjswHQYDVR0OBBYEFFrBQmPCYhOznZSEqjIeF8tto4Z7MIIBfAYD
VR0RBIIBczCCAW+CEyouc3RhY2tleGNoYW5nZS5jb22CEXN0YWNrZXhjaGFuZ2Uu
Y29tghFzdGFja292ZXJmbG93LmNvbYITKi5zdGFja292ZXJmbG93LmNvbYINc3Rh
Y2thdXRoLmNvbYILc3N0YXRpYy5uZXSCDSouc3N0YXRpYy5uZXSCD3NlcnZlcmZh
dWx0LmNvbYIRKi5zZXJ2ZXJmYXVsdC5jb22CDXN1cGVydXNlci5jb22CDyouc3Vw
ZXJ1c2VyLmNvbYINc3RhY2thcHBzLmNvbYIUb3BlbmlkLnN0YWNrYXV0aC5jb22C
GCoubWV0YS5zdGFja2V4Y2hhbmdlLmNvbYIWbWV0YS5zdGFja2V4Y2hhbmdlLmNv
bYIQbWF0aG92ZXJmbG93Lm5ldIISKi5tYXRob3ZlcmZsb3cubmV0gg1hc2t1YnVu
dHUuY29tgg8qLmFza3VidW50dS5jb22CEXN0YWNrc25pcHBldHMubmV0MA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0f
BG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2Vy
dmVyLWc1LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTIt
aGEtc2VydmVyLWc1LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsG
AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCB
gwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
dC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9E
aWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQC
MAAwDQYJKoZIhvcNAQELBQADggEBABC0Q7CJwKDVFD97KCgMudMo1eNzfxjZRZjs
t9C+B7WXr+kJmsKFRwK4wZrWb8rBb0d4M+vQfTGTT7S0JIp0+4WLmkQ7i+0YA90l
eAhS0KuC4p8M+KzMLovgdc/B9/bQVGuQNuLfiZOCYvM25xlMSS/awoWZh5EJBEyE
vIgJeK+0LfEOMqPNmrelfKVQklXkbbsCREfeDdX1jIwYeXXy8GGfJZSnnbQd14iU
6DAI/9WBxyokj5Pp53esXahLyBGTL8jrfy5E4P4SYTF/WJsUK283SrS3Mv9ftmho
4Sq2zWnDrQ6li2do0YHJIqkJZKrjTevgpvnyFLtvvd40pU5D/PU=
-----END CERTIFICATE-----
</elem>
C'è uno strumento da riga di comando (o una libreria) che mi consente di capire facilmente se questo certificato è attendibile e su quale dominio è valido?