nmap -p 443 --script ssl-cert gnupg.org
The -p 443 option restricts the scan to port 443. All ports will be scanned if it is omitted, and the certificate details for any SSL service that is found will be displayed. The --script ssl-cert option tells the Nmap scripting engine to run only the ssl-cert script. From the doc, this script "(r)etrieves a server's SSL certificate. The amount of information printed about the certificate depends on the verbosity level."
Sample output:
Starting Nmap 7.40 ( https://nmap.org ) at 2017-11-01 13:35 PDT
Nmap scan report for gnupg.org (217.69.76.60)
Host is up (0.16s latency).
Other addresses for gnupg.org (not scanned): (null)
rDNS record for 217.69.76.60: www.gnupg.org
PORT    STATE SERVICE
443/tcp open  https
| ssl-cert: Subject: commonName=gnupg.org
| Subject Alternative Name: DNS:gnupg.org, DNS:www.gnupg.org
| Issuer: commonName=Gandi Standard SSL CA 2/organizationName=Gandi/stateOrProvinceName=Paris/countryName=FR
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2015-12-21T00:00:00
| Not valid after: 2018-03-19T23:59:59
| MD5: c3a7 e0ed 388f 87cb ec7f fd3e 71f2 1c3e
|_SHA-1: 5196 ecf5 7aed 139f a511 735b bfb5 7534 df63 41ba
Nmap done: 1 IP address (1 host up) scanned in 2.31 seconds
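To act on this output in a recurring check, the ssl-cert fields can be parsed and tested against a policy. The following is an added example, not part of the original page or of Nmap: the function names, the 30-day expiry warning, the 2048-bit RSA minimum and the md5/sha1 signature check are assumptions chosen for illustration, and certificate times are treated as UTC.

```python
import re
from datetime import datetime, timedelta

# Sample input: ssl-cert lines copied from the scan output above.
SAMPLE = """\
| ssl-cert: Subject: commonName=gnupg.org
| Subject Alternative Name: DNS:gnupg.org, DNS:www.gnupg.org
| Issuer: commonName=Gandi Standard SSL CA 2/organizationName=Gandi/stateOrProvinceName=Paris/countryName=FR
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2015-12-21T00:00:00
| Not valid after: 2018-03-19T23:59:59
|_SHA-1: 5196 ecf5 7aed 139f a511 735b bfb5 7534 df63 41ba
"""

# "| " or "|_" prefix, optional script name on the first line, then "name: value".
FIELD = re.compile(r"^\|[_ ]\s*(?:ssl-cert: )?([^:]+): (.*)$")
TIME_FMT = "%Y-%m-%dT%H:%M:%S"

def parse_ssl_cert(text):
    """Return the ssl-cert script fields as a dict keyed by field name."""
    fields = {}
    for line in text.splitlines():
        m = FIELD.match(line.rstrip())
        if m:
            fields[m.group(1).strip()] = m.group(2).strip()
    return fields

def audit(fields, now, warn_days=30, min_rsa_bits=2048):
    """Return policy findings; thresholds are assumed example values."""
    findings = []
    not_before = datetime.strptime(fields["Not valid before"], TIME_FMT)
    not_after = datetime.strptime(fields["Not valid after"], TIME_FMT)
    if now < not_before:
        findings.append("not yet valid")
    if now > not_after:
        findings.append("expired")
    elif not_after - now <= timedelta(days=warn_days):
        findings.append("expires soon")
    if fields.get("Public Key type") == "rsa" and int(fields["Public Key bits"]) < min_rsa_bits:
        findings.append("weak RSA key")
    # Only names that begin with the hash (e.g. sha1WithRSAEncryption) are caught.
    sig = fields.get("Signature Algorithm", "").lower()
    if sig.startswith(("md5", "sha1")):
        findings.append("weak signature hash")
    return findings

if __name__ == "__main__":
    print(audit(parse_ssl_cert(SAMPLE), datetime(2017, 11, 1)))  # scan date
```

Feed it the text Nmap writes to stdout or to a file saved with -oN; the `now` argument is passed explicitly so the check is repeatable.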