I like it
dpkg -l |grep gnutls
ii  gnutls-bin                      3.0.11+really2.12.23-12ubuntu2.10 amd64        GNU TLS library - commandline utilities
ii  libgnutls26:amd64               2.12.23-12ubuntu2.10              amd64        GNU TLS library - runtime library


# gnutls-cli www.openlearning.com
Resolving 'www.openlearning.com'...
Connecting to '52.187.244.227:443'...
- Ephemeral Diffie-Hellman parameters
 - Using prime: 1024 bits
 - Secret key: 1021 bits
 - Peer's public key: 1024 bits
- Certificate type: X.509
 - Got a certificate list of 3 certificates.
 - Certificate[0] info:
  - subject `OU=Domain Control Validated,OU=PositiveSSL Wildcard,CN=*.openlearning.com', issuer `C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Domain Validation Secure Server CA', RSA key 2048 bits, signed using RSA-SHA256, activated `2016-06-22 00:00:00 UTC', expires `2019-07-08 23:59:59 UTC', SHA-1 fingerprint `1a82ffae6c13a1beb04cf67c0397300cdb4f45af'
 - Certificate[1] info:
  - subject `C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Domain Validation Secure Server CA', issuer `C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Certification Authority', RSA key 2048 bits, signed using RSA-SHA384, activated `2014-02-12 00:00:00 UTC', expires `2029-02-11 23:59:59 UTC', SHA-1 fingerprint `339cdd57cfd5b141169b615ff31428782d1da639'
 - Certificate[2] info:
  - subject `C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Certification Authority', issuer `C=SE,O=AddTrust AB,OU=AddTrust External TTP Network,CN=AddTrust External CA Root', RSA key 4096 bits, signed using RSA-SHA384, activated `2000-05-30 10:48:38 UTC', expires `2020-05-30 10:48:38 UTC', SHA-1 fingerprint `f5ad0bcc1ad56cd150725b1c866c30ad92ef21b0'
- The hostname in the certificate matches 'www.openlearning.com'.
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.2
- Key Exchange: DHE-RSA
- Cipher: AES-256-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed

- Simple Client Mode:

^C
# gnutls-cli sequencewiz.com
Resolving 'sequencewiz.com'...
Connecting to '50.112.50.214:443'...
- Ephemeral Diffie-Hellman parameters
 - Using prime: 1024 bits
 - Secret key: 1020 bits
 - Peer's public key: 1022 bits
- Certificate type: X.509
 - Got a certificate list of 2 certificates.
 - Certificate[0] info:
  - subject `CN=sequencewiz.com', issuer `C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3', RSA key 2048 bits, signed using RSA-SHA256, activated `2019-03-09 16:31:42 UTC', expires `2019-06-07 16:31:42 UTC', SHA-1 fingerprint `0c6d85565ccc8a9f1d9b0bceb1f1827d884b6122'
 - Certificate[1] info:
  - subject `C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3', issuer `O=Digital Signature Trust Co.,CN=DST Root CA X3', RSA key 2048 bits, signed using RSA-SHA256, activated `2016-03-17 16:40:46 UTC', expires `2021-03-17 16:40:46 UTC', SHA-1 fingerprint `e6a3b45b062d509b3382282d196efe97d5956ccb'
- The hostname in the certificate matches 'sequencewiz.com'.
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.2
- Key Exchange: DHE-RSA
- Cipher: AES-128-CBC
- MAC: SHA256
- Compression: NULL
- Handshake was completed

- Simple Client Mode: