For some reason this one has been hard to remember, even when the command is actually easy, so here we go:
To query the certificate information, we can run these commands:
# Convert the certificate format from DER to PEM.
openssl x509 -inform DER -in cert_file.cer -outform PEM -out cert_file.pem
# Convert the certificate format and print it to the default output.
openssl x509 -inform DER -in cert_file.cer -outform PEM
# Print some of the information contained in the certificate and hold
# the PEM output.
# Run 'man openssl-x509' for more options
openssl x509 -inform DER -in cert_file.cer -subject -startdate -enddate -issuer -noout
For the key file, given that it is the private part, we need to be careful not to put the decripted output in any publicly available site. So, having that, we can use the following commands to decrypt it:
# This command will decrypt and convert the key file and save it to an
# unencrypted PEM format.
openssl pkcs8 -inform DER -in keyfile.key -outform PEM -out keyfile.pem -passin pass:PASSWORD