If we’re talking fetching SSL/TLS certificates in general, one could simply “openssl s_client -connect host:port” No point in installing an npm package just for that.
To save just the certificate into a file: openssl s_client -connect host:port | openssl x509 [-text] > myfile.pem
Of course, if this is targeted at Node.js developers, then I’d have altered the title to reflect that, “Retrieve the public TLS certificate in x509 format from a distant host in Node.js”

% openssl s_client -connect google.com:443 2>/dev/null | openssl x509 -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9018882575595640890 (0x7d2981eb1d56983a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2
        Validity
            Not Before: Nov  4 18:13:15 2015 GMT
            Not After : Feb  2 00:00:00 2016 GMT
        Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.google.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:be:ab:cb:37:55:7e:18:a1:06:b4:fb:de:4e:ac:
                    70:d4:5c:d3:ae:56:ec:82:1f:1d:c6:5b:79:33:64:
                    12:5d:04:3a:62:32:91:92:e4:28:68:ed:ba:92:9d:
                    83:3c:1c:3c:d1:59:a7:21:0c:15:a0:64:7c:1d:14:
                    13:7a:d7:e4:8b:d5:cc:75:79:65:d2:53:e5:e2:7a:
                    5f:8f:44:cc:eb:83:76:e8:e2:6e:28:b7:b6:c7:41:
                    4b:0a:fe:d2:a9:eb:c0:ed:b5:29:2e:64:7c:b8:38:
                    97:1e:7b:e2:2d:d1:fe:81:aa:87:fc:3e:45:62:8f:
                    40:f3:7a:f4:e2:69:13:f3:f5:7d:91:f5:c2:8d:9b:
                    80:ff:98:b7:3b:85:07:09:bd:9a:3b:6e:48:c5:50:
                    ec:1b:34:0f:fe:c1:51:25:b3:7b:a4:69:4b:c6:1e:
                    50:ff:d2:3e:c1:8c:44:15:33:da:8c:f1:10:d3:4d:
                    84:2b:50:ec:97:7f:7c:eb:fe:04:8d:2f:cf:47:50:
                    c4:38:cd:5a:b7:76:4e:76:c7:dc:20:d2:f0:cc:d5:
                    66:90:08:1d:73:13:dc:e2:55:c4:8e:a7:37:aa:e5:
                    a5:d4:cb:a8:1b:82:8f:9e:a0:0f:2d:6b:9d:f5:30:
                    74:a4:6b:5b:a1:e8:66:95:30:eb:2f:cc:ec:29:bd:
                    84:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Alternative Name: 
                DNS:*.google.com, DNS:*.android.com, DNS:*.appengine.google.com, DNS:*.cloud.google.com, DNS:*.google-analytics.com, DNS:*.google.ca, DNS:*.google.cl, DNS:*.google.co.in, DNS:*.google.co.jp, DNS:*.google.co.uk, DNS:*.google.com.ar, DNS:*.google.com.au, DNS:*.google.com.br, DNS:*.google.com.co, DNS:*.google.com.mx, DNS:*.google.com.tr, DNS:*.google.com.vn, DNS:*.google.de, DNS:*.google.es, DNS:*.google.fr, DNS:*.google.hu, DNS:*.google.it, DNS:*.google.nl, DNS:*.google.pl, DNS:*.google.pt, DNS:*.googleadapis.com, DNS:*.googleapis.cn, DNS:*.googlecommerce.com, DNS:*.googlevideo.com, DNS:*.gstatic.cn, DNS:*.gstatic.com, DNS:*.gvt1.com, DNS:*.gvt2.com, DNS:*.metric.gstatic.com, DNS:*.urchin.com, DNS:*.url.google.com, DNS:*.youtube-nocookie.com, DNS:*.youtube.com, DNS:*.youtubeeducation.com, DNS:*.ytimg.com, DNS:android.clients.google.com, DNS:android.com, DNS:g.co, DNS:goo.gl, DNS:google-analytics.com, DNS:google.com, DNS:googlecommerce.com, DNS:urchin.com, DNS:youtu.be, DNS:youtube.com, DNS:youtubeeducation.com
            Authority Information Access: 
                CA Issuers - URI:http://pki.google.com/GIAG2.crt
                OCSP - URI:http://clients1.google.com/ocsp

            X509v3 Subject Key Identifier: 
                40:4B:30:8E:C9:25:C6:EF:14:A2:1A:E4:62:32:D8:BF:48:F1:40:6B
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier: 
                keyid:4A:DD:06:16:1B:BC:F6:68:B5:76:F5:81:B6:BB:62:1A:BA:5A:81:2F

            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.11129.2.5.1
                Policy: 2.23.140.1.2.2

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://pki.google.com/GIAG2.crl

    Signature Algorithm: sha256WithRSAEncryption
         28:e3:ae:5e:df:e9:68:ba:8f:7a:17:ba:8f:fc:ff:e9:91:2e:
         2c:8f:c6:b9:82:c1:70:d1:d8:ea:4e:4e:1a:17:3f:d3:bf:1d:
         1d:78:1e:56:9e:c4:ca:cf:20:b9:29:34:05:cb:0c:be:9a:75:
         46:1c:bf:74:81:f9:e7:01:e5:67:38:2e:7a:d8:1b:4e:62:ed:
         3b:55:f4:57:8b:e3:84:97:32:12:08:06:7f:a4:43:5e:4b:ed:
         44:3a:a1:5f:64:9e:28:7d:e9:22:42:3b:b9:9a:56:61:be:75:
         83:fb:3a:bc:26:0f:05:0f:1f:2f:33:c6:0f:7f:c4:4d:28:e9:
         45:00:cb:1c:70:a7:d4:49:e1:74:68:c3:be:2e:50:9e:fa:c7:
         1f:88:d9:f5:e1:31:10:bc:9a:77:af:c3:5e:cc:f9:ab:c9:32:
         69:28:d6:f9:0c:4d:f6:30:6e:b9:7c:61:0c:e8:33:af:a8:6d:
         c2:f0:25:47:47:dd:28:06:4d:5b:c4:15:3d:c9:e8:0c:cc:b7:
         6e:66:c8:10:c6:14:0f:a9:3d:a7:99:f2:c6:61:56:cd:c7:89:
         40:d7:93:be:f1:30:87:97:9a:88:9b:69:cc:a1:e4:d1:3e:66:
         ed:7a:b4:48:ac:85:3d:01:68:7b:03:0c:2f:d8:1a:02:ad:98:
         f7:ef:b4:d4
-----BEGIN CERTIFICATE-----
MIIHqTCCBpGgAwIBAgIIfSmB6x1WmDowDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTUxMTA0MTgxMzE1WhcNMTYwMjAyMDAwMDAw
WjBmMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEVMBMGA1UEAwwMKi5n
b29nbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqvLN1V+
GKEGtPveTqxw1FzTrlbsgh8dxlt5M2QSXQQ6YjKRkuQoaO26kp2DPBw80VmnIQwV
oGR8HRQTetfki9XMdXll0lPl4npfj0TM64N26OJuKLe2x0FLCv7SqevA7bUpLmR8
uDiXHnviLdH+gaqH/D5FYo9A83r04mkT8/V9kfXCjZuA/5i3O4UHCb2aO25IxVDs
GzQP/sFRJbN7pGlLxh5Q/9I+wYxEFTPajPEQ002EK1Dsl3986/4EjS/PR1DEOM1a
t3ZOdsfcINLwzNVmkAgdcxPc4lXEjqc3quWl1MuoG4KPnqAPLWud9TB0pGtboehm
lTDrL8zsKb2EkwIDAQABo4IEdjCCBHIwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMIIDQgYDVR0RBIIDOTCCAzWCDCouZ29vZ2xlLmNvbYINKi5hbmRyb2lk
LmNvbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYISKi5jbG91ZC5nb29nbGUuY29t
ghYqLmdvb2dsZS1hbmFseXRpY3MuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUu
Y2yCDiouZ29vZ2xlLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28u
dWuCDyouZ29vZ2xlLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5j
b20uYnKCDyouZ29vZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2ds
ZS5jb20udHKCDyouZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xl
LmVzggsqLmdvb2dsZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdv
b2dsZS5ubIILKi5nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBp
cy5jb22CDyouZ29vZ2xlYXBpcy5jboIUKi5nb29nbGVjb21tZXJjZS5jb22CESou
Z29vZ2xldmlkZW8uY29tggwqLmdzdGF0aWMuY26CDSouZ3N0YXRpYy5jb22CCiou
Z3Z0MS5jb22CCiouZ3Z0Mi5jb22CFCoubWV0cmljLmdzdGF0aWMuY29tggwqLnVy
Y2hpbi5jb22CECoudXJsLmdvb2dsZS5jb22CFioueW91dHViZS1ub2Nvb2tpZS5j
b22CDSoueW91dHViZS5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CCyoueXRp
bWcuY29tghphbmRyb2lkLmNsaWVudHMuZ29vZ2xlLmNvbYILYW5kcm9pZC5jb22C
BGcuY2+CBmdvby5nbIIUZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C
Emdvb2dsZWNvbW1lcmNlLmNvbYIKdXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1
YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbTBoBggrBgEFBQcBAQRcMFowKwYI
KwYBBQUHMAKGH2h0dHA6Ly9wa2kuZ29vZ2xlLmNvbS9HSUFHMi5jcnQwKwYIKwYB
BQUHMAGGH2h0dHA6Ly9jbGllbnRzMS5nb29nbGUuY29tL29jc3AwHQYDVR0OBBYE
FEBLMI7JJcbvFKIa5GIy2L9I8UBrMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU
St0GFhu89mi1dvWBtrtiGrpagS8wIQYDVR0gBBowGDAMBgorBgEEAdZ5AgUBMAgG
BmeBDAECAjAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vcGtpLmdvb2dsZS5jb20v
R0lBRzIuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAo465e3+louo96F7qP/P/pkS4s
j8a5gsFw0djqTk4aFz/Tvx0deB5WnsTKzyC5KTQFywy+mnVGHL90gfnnAeVnOC56
2BtOYu07VfRXi+OElzISCAZ/pENeS+1EOqFfZJ4ofekiQju5mlZhvnWD+zq8Jg8F
Dx8vM8YPf8RNKOlFAMsccKfUSeF0aMO+LlCe+scfiNn14TEQvJp3r8NezPmryTJp
KNb5DE32MG65fGEM6DOvqG3C8CVHR90oBk1bxBU9yegMzLduZsgQxhQPqT2nmfLG
YVbNx4lA15O+8TCHl5qIm2nMoeTRPmbterRIrIU9AWh7Awwv2BoCrZj377TU
-----END CERTIFICATE-----