Base64 and hex both represent bytes, so why convert between them?

They encode the same bytes at different radixes for different tools. Base64 is compact for transport (email, JSON, data URLs) and packs three bytes into four characters. Hex is one byte per two characters, which is what hash digests, hex editors, network captures and crypto libraries usually want. Example: the byte 0x48 is the Base64 fragment in SGk= but the hex 48. You convert when a value arrives in one form and the next tool expects the other, such as taking a Base64 signature from an API and pasting it into a hex-only verifier.

What is the difference between standard and URL-safe Base64 here?

Standard Base64 uses + and / as its 63rd and 64th characters and pads the end with =. URL-safe Base64 (RFC 4648 section 5) swaps those for - and _ so the string can ride in a URL or filename without escaping, and it usually drops the padding. JWTs use URL-safe. Pick the wrong mode and a + reads as a stray character, so set the alphabet to match your source. Example: the bytes 0xff 0xff 0xff are //// in standard and ____ in URL-safe.

Why does odd-length hex throw an error?

Each byte is exactly two hex digits, so a valid hex string always has an even number of digits. An odd count means one nibble is missing, usually because a leading zero was dropped: someone wrote f instead of 0f, or a paste got truncated. Example: 4869 is two clean bytes (0x48 0x69) but 486 is one and a half bytes, which cannot map to a byte array, so the tool stops and tells you the digit count rather than guessing.

Where would I actually use a Base64 to hex conversion?

Mostly in cryptography and debugging. A library hands you a Base64 AES key but OpenSSL wants it as hex. A JWT signature is URL-safe Base64 and you need the hex bytes to compare against an HMAC you computed elsewhere. A certificate fingerprint comes as Base64 from one tool and hex from another and you want to confirm they match. A binary blob in a config file is Base64 and you want to eyeball the magic bytes (89 50 4e 47 means PNG). Each case is a byte-for-byte view change, not a re-encoding.

Does the conversion ever go through text encoding and lose bytes?

No. The tool decodes Base64 straight into a numeric byte array and renders that array as hex, with no UTF-8 or ASCII step anywhere. That is the whole point of a byte-level converter: a byte like 0xff that is not valid UTF-8 still round-trips perfectly, because it is never asked to be a character. So binary data such as images, keys and certificates come out byte-identical, which a naive text-first converter would mangle the moment it hit a non-printable byte.

Move an AES key from a library to OpenSSL

Your app library prints a symmetric key as Base64, but the OpenSSL command you are scripting expects -K with a hex string. Paste the Base64 in, switch to no-separator lower-case hex, and copy the 32-byte (64-char) hex straight into your command. Because the conversion is byte-for-byte, the key is identical — no risk that an encoding step quietly changed a byte and left you debugging a "bad decrypt" for an hour.

Verify a JWT signature against a computed HMAC

A JWT signature is URL-safe Base64 with no padding. You computed the expected HMAC elsewhere and have it as hex. Set the alphabet to URL-safe, paste the signature segment, read the hex bytes, and compare them digit by digit against your HMAC. If they match, the token is authentic; if one byte differs you know exactly where, instead of staring at two unlike-looking strings.

Identify a binary blob by its magic bytes

A config file or database row holds a Base64 blob and you have no idea what it is. Convert it to space-grouped hex and read the first few bytes: 89 50 4e 47 is a PNG, ff d8 ff is a JPEG, 25 50 44 46 is a PDF (%PDF), 50 4b 03 04 is a ZIP. The hex view turns an opaque string into something you can recognize at a glance.

Compare a certificate fingerprint shown in two formats

One tool prints a certificate fingerprint as Base64, your browser shows it as colon-separated hex. Paste the Base64, convert to hex, and put both side by side to confirm you are pinning the same certificate. A single mismatched byte means a different cert — exactly what you want to catch before trusting a connection.

Base64 to Hex Converter — Bytes Both Ways

Base64 ⇄ hexadecimal at the byte level, no text encoding in between — standard or URL-safe, your separator and case, runs in your browser

Runs locally
Category Encoding & Crypto
Best for Checking small payloads, tokens, hashes, and encoded values quickly.

Base64 alphabet

Hex separator

Hex case

Ignore whitespace

Input

Output

Output appears here.

What this tool does

A free Base64 to hex converter that works at the byte level, so the bytes that go in are exactly the bytes that come out. Base64 and hexadecimal are two ways of writing the same raw bytes at different radixes: Base64 packs three bytes into four characters at base 64, while hex spends two characters per byte at base 16. Converting between them never passes through a text encoding, so there is no UTF-8 step and nothing to corrupt. Paste a Base64 string and it is decoded into bytes, then printed as hex; paste hex and it is parsed into bytes, then encoded back to Base64. A PNG, an AES key, a JWT signature or a DER certificate survives the round trip with every byte intact. Pick the standard alphabet or URL-safe variant, choose a bare hex run or space-grouped bytes, upper or lower case, and let the tool ignore newlines so pasted PEM blobs just work. Malformed Base64 and odd-length or non-hex input each get a precise error. Everything runs in your browser; nothing is uploaded.

Tool details

Input: Text + Numbers + Structured content; The page exposes text boxes, numeric controls, file pickers, or structured inputs depending on the tool.
Output: Live result + Copy; The result area focuses on usable output, with copy, download, or preview actions when supported.
Privacy: Browser-side processing; The main tool logic does not call an external API, so inputs normally stay in the current tab.
Save / share: Shareable URL state; Key settings are encoded in the URL so another person can reopen the same setup.
Performance budget: Initial JS <= 9 KB; No WASM budget is declared, keeping the tool quick to open on mobile.
Best fit: Encoding & Crypto · Developer; Category and role tags drive related tools, internal links, and quick fit checks.

How to use

1. Input

Paste or drop your content into the tool panel.
2. Process

Click the button. All processing is local in your browser.
3. Copy / Download

Copy the result or download to disk in one click.

How Base64 to Hex Converter fits into your work

Use it for quick browser-side encoding, decoding, hashing, token checks, and share-safe transformations.

Encoding jobs

Checking small payloads, tokens, hashes, and encoded values quickly.
Preparing values for APIs, URLs, docs, or support tickets.
Avoiding account-based tools when the input might be sensitive.

Encoding checks

Do not paste live secrets unless you are comfortable with local browser handling.
Confirm whether the operation is reversible before sharing the result.
For hashes, compare the exact algorithm and casing expected by the receiver.

Good next steps

These links move the current task into a more complete workflow.

Real-world use cases

Move an AES key from a library to OpenSSL
Your app library prints a symmetric key as Base64, but the OpenSSL command you are scripting expects -K with a hex string. Paste the Base64 in, switch to no-separator lower-case hex, and copy the 32-byte (64-char) hex straight into your command. Because the conversion is byte-for-byte, the key is identical — no risk that an encoding step quietly changed a byte and left you debugging a "bad decrypt" for an hour.
Verify a JWT signature against a computed HMAC
A JWT signature is URL-safe Base64 with no padding. You computed the expected HMAC elsewhere and have it as hex. Set the alphabet to URL-safe, paste the signature segment, read the hex bytes, and compare them digit by digit against your HMAC. If they match, the token is authentic; if one byte differs you know exactly where, instead of staring at two unlike-looking strings.
Identify a binary blob by its magic bytes
A config file or database row holds a Base64 blob and you have no idea what it is. Convert it to space-grouped hex and read the first few bytes: 89 50 4e 47 is a PNG, ff d8 ff is a JPEG, 25 50 44 46 is a PDF (%PDF), 50 4b 03 04 is a ZIP. The hex view turns an opaque string into something you can recognize at a glance.
Compare a certificate fingerprint shown in two formats
One tool prints a certificate fingerprint as Base64, your browser shows it as colon-separated hex. Paste the Base64, convert to hex, and put both side by side to confirm you are pinning the same certificate. A single mismatched byte means a different cert — exactly what you want to catch before trusting a connection.

Common pitfalls

Using the wrong Base64 alphabet. A URL-safe string full of - and _ pasted in standard mode trips an illegal-character error, and a standard string with + and / fed as URL-safe is misread. Match the alphabet to the source, since JWTs and many web tokens are URL-safe while most other Base64 is standard.
Dropping a leading zero in hex. Writing f for the byte 0x0f gives an odd digit count, which the tool rejects rather than guessing. Always pad each byte to two digits, so 0x0f is 0f and a fifteen-byte key is 30 hex characters, not 29.
Expecting text out of binary bytes. Base64 to hex is a byte view, not a decode-to-text. If the Base64 holds an image or a key, the hex is raw bytes with no readable string inside. Use a Base64 decoder with UTF-8 only when you know the payload is actually text.

Privacy

Every conversion — the Base64 decode, the byte array, the hex render and the re-encode — is plain JavaScript running in your browser tab. No string you paste is uploaded, logged or sent anywhere, which matters because the values here are often secrets: keys, tokens, certificate material. The one caveat is the shareable URL: it encodes your input and options in the query string, so a "share link" pasted into chat lands that payload in the recipient server's access log. For anything sensitive, use the copy button and paste the text rather than sharing the URL.

FAQ

Tool combos

Folks in your role tend to reach for these alongside this tool.

Developer

Browse all tools for this role

Base64 to Hex Converter — Bytes Both Ways

What this tool does

Tool details

How to use

1. Input

2. Process

3. Copy / Download

How Base64 to Hex Converter fits into your work

Encoding jobs

Encoding checks

Good next steps

Real-world use cases

Move an AES key from a library to OpenSSL

Verify a JWT signature against a computed HMAC

Identify a binary blob by its magic bytes

Compare a certificate fingerprint shown in two formats

Common pitfalls

Privacy

FAQ

Base85 / Ascii85 Encoder & Decoder

Number Base Converter

Base64 Encoder & Decoder

Text to Hex Converter

Base32 / Base58 Encoder & Decoder

URL Encoder / Decoder

AES Text Encryptor

Affine Cipher Encoder & Decoder

Atbash Cipher

Bacon Cipher Encoder & Decoder

Base62 Encoder & Decoder

Base64 Block Deduplicator