# Get Certificates

A certificate is a mechanism for one entity (the issuer) to assert specific attributes about another entity (the subject). Each certificate contains:

* **Subject's Public Key** — The Keeta account identifier
* **Certified Attributes** — Identity data like full name, email, or address
* **Issuer's Digital Signature** — Cryptographic proof of authenticity

Keeta extends X.509 certificates to support both public and sensitive attributes. Sensitive attributes use encryption and cryptographic commitments to enable selective disclosure — subjects can prove specific values to third parties without exposing data to others

### Get Certificates via the SDK <a href="#getting-certificates" id="getting-certificates"></a>

To fetch certificates tied to any Keeta account address (read-only), create a client with a `null` signer and pass the target `account` in the options:

```typescript
import * as KeetaNet from '@keetanetwork/keetanet-client';

async function main() {
  // Target address
  const publicKeyString = 'keeta_aabg2lkwuy4gvzr44cniihdmwzinfuunqv4qgsuhbq7jpt4qms622tldjbdexwy';
 const account = await KeetaNet.lib.Account.fromPublicKeyString(publicKeyString);
  // Read-only client bound to target account
  const client = KeetaNet.UserClient.fromNetwork(
    'test',
    null,
    { account }
  );

  try {
    // Fetch and sort certificates by issuance date (newest first)
    const response = await client.getCertificates();
    const sorted = response.sort(
      (a, b) => b.certificate.notBefore.valueOf() - a.certificate.notBefore.valueOf()
    );

    console.log(`Found ${sorted.length} certificates for ${account}`);

    // Display basic info for each certificate
    sorted.forEach(({ certificate }) => {
      console.log('Issuer:', certificate.issuerDN);
      console.log('Subject:', certificate.subjectDN);
      console.log('Valid until:', certificate.notAfter.toISOString());
      console.log('—');
    });
  } finally {
    await client.destroy();
  }
}

main().catch(console.error);

```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.keeta.com/components/certificates/get-certificates.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.