Introduction
A PEM file is just Base64-wrapped ASN.1. But decoding that structure to understand what is actually inside — the modulus size, the exponent, the key type — normally requires OpenSSL or a Python script. This tool parses RSA and EC public and private keys in PEM format directly in the browser, exposing the modulus bit length, public exponent, fingerprint, and curve name without sending a single byte to a server. Paste your key below to inspect it instantly.
What this tool does
- Parses RSA public and private keys in PEM format (PKCS#1 and PKCS#8 headers).
- Extracts and displays the modulus size in bits, public exponent, and a hex fingerprint.
- Detects Elliptic Curve (EC) keys and reports the named curve (e.g., P-256, P-384).
- Identifies the key type from the PEM header — PUBLIC KEY, PRIVATE KEY, RSA PRIVATE KEY, EC PRIVATE KEY.
- Runs entirely client-side — your private key material never leaves the browser.
How this tool works
PEM (Privacy Enhanced Mail) format encodes a DER (Distinguished Encoding Rules) binary structure as Base64 between a header line and a footer line. This tool strips the header and footer, Base64-decodes the body to get the raw DER bytes, then parses the ASN.1 structure to locate the fields of interest.
For RSA public keys (PKCS#1 format), the ASN.1 SEQUENCE contains two INTEGERs: the modulus n and the public exponent e. The modulus length in bits is the definitive measure of key strength. For PKCS#8-wrapped keys, an outer SEQUENCE contains an algorithm identifier OID before the key material. EC keys contain a named curve OID and the uncompressed public point (04 || x || y). The fingerprint is computed as the SHA-256 hash of the DER-encoded public key, matching the fingerprint format used by tools like `ssh-keygen -l -E sha256`.
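The RSA public-key path described above, as an added example that is not the tool's own source: it strips the PEM armor, walks the DER TLVs for both the bare PKCS#1 body and the SubjectPublicKeyInfo wrapper, and counts modulus bits after dropping the DER sign byte. The function names, the `tlv` helper and the sample key (a constructed, non-functional 2048-bit modulus) are assumptions for illustration; it runs under Node.js.

```javascript
// Added example, not the tool's source. Uses only Node.js globals (Buffer).
const RSA_OID = "2a864886f70d010101"; // DER bytes of 1.2.840.113549.1.1.1 (rsaEncryption)

// Read one DER TLV header at pos; handles short and long definite lengths.
function readTlv(buf, pos) {
  let len = buf[pos + 1], start = pos + 2;
  if (len & 0x80) {                       // long form: low 7 bits count the length bytes
    const count = len & 0x7f;
    if (count === 0 || count > 4) throw new Error("unsupported DER length");
    len = buf.readUIntBE(start, count);
    start += count;
  }
  if (start + len > buf.length) throw new Error("truncated DER");
  return { tag: buf[pos], start, end: start + len };
}

function inspectRsaPublicKey(pem) {
  const m = /-----BEGIN ([A-Z ]+)-----([\s\S]+?)-----END \1-----/.exec(pem);
  if (!m) throw new Error("not a PEM block");
  let der = Buffer.from(m[2].replace(/\s+/g, ""), "base64");
  let seq = readTlv(der, 0), format = "PKCS#1";
  if (m[1] === "PUBLIC KEY") {            // SubjectPublicKeyInfo wrapper around the PKCS#1 body
    const alg = readTlv(der, seq.start), oid = readTlv(der, alg.start);
    if (der.subarray(oid.start, oid.end).toString("hex") !== RSA_OID) throw new Error("not an RSA key");
    const bitString = readTlv(der, alg.end);
    der = der.subarray(bitString.start + 1, bitString.end); // skip the unused-bits octet
    seq = readTlv(der, 0);
    format = "SPKI";
  }
  const n = readTlv(der, seq.start), e = readTlv(der, n.end);
  if (seq.tag !== 0x30 || n.tag !== 0x02 || e.tag !== 0x02) throw new Error("expected SEQUENCE of two INTEGERs");
  let mod = der.subarray(n.start, n.end);
  while (mod.length > 1 && mod[0] === 0) mod = mod.subarray(1); // drop the DER sign byte
  const modulusBits = (mod.length - 1) * 8 + (32 - Math.clz32(mod[0]));
  return { format, modulusBits, exponent: der.readUIntBE(e.start, e.end - e.start) };
}

// Constructed sample, not a real key: 0x00 sign byte + 256 bytes with the top bit set.
function tlv(tag, body) {
  const l = body.length, len = l < 0x80 ? [l] : l < 0x100 ? [0x81, l] : [0x82, l >> 8, l & 0xff];
  return Buffer.concat([Buffer.from([tag, ...len]), body]);
}
const sampleModulus = Buffer.concat([Buffer.from([0x00, 0xc1]), Buffer.alloc(255, 0x5b)]);
const pkcs1Der = tlv(0x30, Buffer.concat([tlv(0x02, sampleModulus), tlv(0x02, Buffer.from([1, 0, 1]))]));
const algId = tlv(0x30, Buffer.concat([tlv(0x06, Buffer.from(RSA_OID, "hex")), tlv(0x05, Buffer.alloc(0))]));
const spkiDer = tlv(0x30, Buffer.concat([algId, tlv(0x03, Buffer.concat([Buffer.from([0]), pkcs1Der]))]));
const toPem = (label, der) => `-----BEGIN ${label}-----\n${der.toString("base64").replace(/(.{64})/g, "$1\n")}\n-----END ${label}-----\n`;
const SAMPLE_PKCS1 = toPem("RSA PUBLIC KEY", pkcs1Der);
const SAMPLE_SPKI = toPem("PUBLIC KEY", spkiDer);
```

The sign-byte step matters for audits: the sample INTEGER is 257 bytes long, so a parser that multiplies the raw length by eight would report 2056 bits instead of 2048.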
How the cipher or encoding works
RSA was described by Rivest, Shamir, and Adleman in their 1978 paper "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems" (*Communications of the ACM*, DOI: 10.1145/359340.359342). The algorithm's security depends on the practical infeasibility of factoring the product of two large primes. Key size requirements have increased over time as factoring algorithms and computing power improve.
NIST SP 800-57 Part 1 specifies minimum key sizes for different security levels: 2048-bit RSA provides 112-bit security equivalent, 3072-bit provides 128-bit, and 4096-bit provides approximately 140-bit equivalent. RSA-1024 is deprecated and should not be used in new systems.
PEM format is defined in RFC 7468. The DER encoding rules are part of ASN.1 (Abstract Syntax Notation One), standardised in ITU-T X.690. PKCS#1 (RSA-specific) is defined in RFC 8017; PKCS#8 (algorithm-agnostic key format) is defined in RFC 5958. EC key structures follow RFC 5480.
Key fingerprints serve as compact identifiers. SSH uses MD5 or SHA-256 fingerprints (controlled by `ssh-keygen -E`). TLS certificates expose the Subject Public Key Info fingerprint, which is what this tool computes — useful for correlating a standalone PEM file to a fingerprint seen in a TLS handshake or certificate transparency log.
How to use this tool
- Paste your RSA or EC key in PEM format into the input field. Both public and private keys are accepted.
- Click 'Inspect Key'. The tool parses the DER structure and displays the key type, format, modulus size, and exponent.
- For EC keys, the named curve and public key coordinates are shown.
- Use the fingerprint field to verify the key matches a known fingerprint from a certificate or SSH authorized_keys file.
- If the tool reports a parse error, confirm the PEM is not password-encrypted (encrypted private keys use a different header and require the passphrase to decode).
Real-world examples
Verifying a certificate's public key matches a private key
A sysadmin has a TLS certificate and a private key file but is unsure whether they are a matched pair. They paste both into the inspector and compare the modulus hex fingerprints. If the fingerprints match, the private key is the correct counterpart for the certificate. This is equivalent to running `openssl rsa -modulus -noout -in key.pem | openssl md5` and `openssl x509 -modulus -noout -in cert.pem | openssl md5` and comparing the output — but without needing OpenSSL installed.
Auditing legacy RSA-1024 keys
A security auditor reviews an organisation's TLS and SSH keys. They paste each key into the inspector and check the modulus size field. Any key reporting 1024 bits is flagged for immediate replacement — RSA-1024 was deprecated by NIST in 2010 and is factored by state-level adversaries. Keys at 2048 bits meet the current minimum; 4096-bit keys are recommended for certificates valid beyond 2030.
Confirming an EC key curve for ECDSA signature verification
A developer receives a JWT signed with ECDSA and needs to verify the signature using the issuer's public key. The issuer provides a PEM file. The developer pastes it into the inspector to confirm it is an EC key on P-256 (secp256r1) rather than P-384 or P-521, since their JWT library requires the curve to be specified explicitly. Passing the wrong curve causes silent verification failure rather than an exception.
Comparison with similar methods
| Method | Security strength | Typical use |
|---|---|---|
| RSA-2048 | 112-bit security equivalent (NIST) | TLS certificates, SSH keys, JWT RS256 |
| RSA-4096 | ~140-bit security equivalent | Long-lived certificates, high-assurance signing keys |
| EC P-256 (secp256r1) | 128-bit security equivalent, 256-bit key | TLS, JWT ES256, smaller key size than RSA-3072 |
| EC P-384 (secp384r1) | 192-bit security equivalent | NSA Suite B, government-grade TLS |
Limitations or considerations
Password-encrypted private keys (headers containing `ENCRYPTED` or `Proc-Type: 4,ENCRYPTED`) cannot be parsed without the passphrase — this tool will report a parse error for them. The DER parser is a simplified implementation and may not handle all exotic ASN.1 encodings; use OpenSSL for production key validation. EC keys on non-named curves (explicit curve parameters) are not supported. Do not paste production private keys into any online tool unless you have verified it is fully client-side and have audited the source code.
Conclusion
The RSA Key Inspector gives you an immediate, OpenSSL-free way to check the key type, modulus size, and fingerprint of any PEM-encoded key. Use it to audit key strength, confirm key pairs match, or verify the curve on an EC key before wiring it into your JWT or TLS configuration. For generating cryptographically secure random values for use with RSA or HMAC, see the Salt Generator tool.