Check

To check if a certificate and key match:

openssl x509 -noout -text -in example.com.fullchain.pem | openssl md5
openssl rsa -noout -text -in example.com.key | openssl md5

If you do not have a matching md5 checksum, then the public key and private key don't match. You will need to request them again.

$ openssl s_client -showcerts -connect irc.freeirc.org:6697 </dev/null 2>/dev/null | openssl x509 -noout -text

For dates of certs only, use -dates instead of -text