Field |
Encryption Certificate Value |
Version |
V3 (2) |
Serial Number |
Must be unique |
Issuer Signature Algorithm |
sha-1WithRSAEncryption |
Issuer Distinguished Name |
cn=ORC ACES Unaffiliated, o=ORC PKI, c=US |
Validity Period |
2 years from date of issue |
Subject Distinguished Name |
cn=<Subscriber Name>, ou=<State or Country>, c=US |
Subject Public Key Information |
1024 bit RSA key modulus, rsaEncryption |
Issuer Unique Identifier |
Not Present |
Subject Unique Identifier |
Not Present |
Issuer’s Signature |
sha-1WithRSAEncryption |
Extensions |
Authority Key Identifier |
c=no; octet string |
Subject Key Identifier |
c=no; octet string |
Key Usage |
c=yes; keyEncipherment |
Extended Key Usage |
c=no; {1 3 6 1 5 5 7 3 1}, {1 3 6 1 5 5 7 3 2}, {1 3 6 1 5 5 7 3 3}, {1 3 6 1 5 5 7 3 4}, {1 3 6 1 5 5 7 3 8}, {1 3 6 1 5 5 7 3 9}, {1 3 6 1 4 1 311 20 2 2}, {1 3 6 1 4 1 311 10 3 1}, {1 3 6 1 4 1 311 10 3 4} |
Private Key Usage Period |
Not Present |
Certificate Policies |
c=no; { 2 16 840 1 101 3 2 1 1 2}; optional: id-fpki-common-hardware::={2 16 840 1 101 3 2 1 3 7} |
Policy Mapping |
Not Present |
Subject Alternative Name |
c=no; always present, contains RFC822 e-mail address |
Issuer Alternative Name |
Not Present |
Subject Directory Attributes |
Not Present |
Basic Constraints |
c=yes; cA=false |
Name Constraints |
Not Present |
Policy Constraints |
Not Present |
Authority Information Access |
c=no; ocsp= http://eva.orc.com, caIssuers=ldap://aces-ds.orc.com/cn=ORC ACES Unaffiliated, o=ORC PKI, c=US?cacertificate;binary, caIssuers=http://aces.orc.com/caCerts/Unaffiliated.p7b |
CRL Distribution Points |
c=no; always present, {ldap://aces-ds.orc.com/cn=ORC ACES Unaffiliated, o=ORC PKI, c=US?certificaterevocationlist;binary} {http://aces.orc.com/CRLs/Unaffiliated.crl} |