Let's say you have a certificate file, foo.cer. The file command can be used to determine if the file is cleartext or binary. In this example, foo.cer is a cleartext file.
~]# file foo.cer foo.cer: PEM certificate
In this scenario, the cat command (on Linux) can be used to view the content of foo.cer. Something like this should be returned.
~]# cat foo.cer -----BEGIN CERTIFICATE----- MIIGhTCCBW2gAwIBAgITFwAS0Zj4+uylATknJgAAABLRmDANBgkqhkiG9w0BAQsF ADBMMRQwEgYKCZImiZPyLGQBGRYEY29ycDEYMBYGCgmSJomT8ixkARkWCHRocml2 ysR4VfQLr+A3zbM59CQjewP40y7oFgrpNuj8Hp1AXud3nsakEYFaGcc= -----END CERTIFICATE-----
Let's say foo.cer is a binary file.
~]# file foo.file foo.file: data
In this scenario, the cat command cannot be used. Attempting to view the content of foo.file will probably return mumbo jumbo, something like this.
~]# cat foo.file h++-://c_+.+h_i+e++.c-+/ce_+e+_-+
The openssl command with the X509, -text, and -enddate options can be used to determine when a certificate will expire.
openssl x509 -in example.crt -text -enddate
If the file is a binary file, you will also need to include the -inform der option.
openssl x509 -in example.crt -inform der -text -enddate
Which should return something like this.
notAfter=Jul 16 10:13:34 2017 GMT