Field |
Subordinate CA Value |
Version |
V3 (2) |
Serial Number |
Must be unique |
Issuer Signature Algorithm |
sha-1WithRSAEncryption {1 2 840 113549 1 1 5} |
Issuer Distinguished Name |
cn=ORC Government ROOT, o=ORC PKI, c=US |
Validity Period |
6 years from date of issue in UTCT format |
Subject Distinguished Name |
cn=ORC ACES <CA Name>, o=ORC PKI, c=US |
Subject Public Key Information |
1024 bit RSA key modulus, rsaEncryption {1 2 840 113549 1 1 1} |
Issuer Unique Identifier |
Not Present |
Subject Unique Identifier |
Not Present |
Issuer’s Signature |
sha-1WithRSAEncryption {1 2 840 113549 1 1 5} |
Extensions |
Authority Key Identifier |
Octet String (20 byte SHA-1 hash of the binary DER encoding of the ECA Root CA’s public key information) |
Subject Key Identifier |
Octet String (20 byte SHA-1 hash of the binary DER encoding of the ECA public key information) |
Key Usage |
c=yes; digitalSignature, nonRepudiation, keyCertSign, cRLSign |
Extended Key Usage |
Not Present |
Private Key Usage Period |
Not Present |
Certificate Policies |
c=no; { 2 16 840 1 101 3 2 1 1 1 } |
Policy Mapping |
Not Present |
Subject Alternative Name |
Not Present |
Issuer Alternative Name |
Not Present |
Subject Directory Attributes |
Not Present |
Basic Constraints |
c=yes; CA=True |
Name Constraints |
Not Present |
Policy Constraints |
Not Present |
Authority Information Access |
c=no; ocsp= http://eva.orc.com, caIssuers=ldap://aces-ds.orc.com/cn=ORC Government Root, o=ORC PKI, c=US?cacertificate;binary, caIssuers=http://aces.orc.com/ caCerts/ORC Government Root.p7b |
Subject Information Access |
c=no; id-ad-caRepository=ldap://aces-ds.orc.com/ |
CRL Distribution Points |
c=no; always present, {ldap://aces-ds.orc.com/cn= ORC Government Root, o=ORC PKI, c=US?certificaterevocationlist;binary} {http://aces.orc.com/CRLs/ORC Government Root.crl} |