1 -- SPDX-License-Identifier: BSD-3-Clause
3 -- Copyright (C) 2008 IETF Trust and the persons identified as authors
6 -- https://www.rfc-editor.org/rfc/rfc5280#section-4
8 Certificate ::= SEQUENCE {
9 tbsCertificate TBSCertificate ({ x509_note_tbs_certificate }),
10 signatureAlgorithm AlgorithmIdentifier,
11 signature BIT STRING ({ x509_note_signature })
14 TBSCertificate ::= SEQUENCE {
15 version [ 0 ] Version DEFAULT,
16 serialNumber CertificateSerialNumber ({ x509_note_serial }),
17 signature AlgorithmIdentifier ({ x509_note_sig_algo }),
18 issuer Name ({ x509_note_issuer }),
20 subject Name ({ x509_note_subject }),
21 subjectPublicKeyInfo SubjectPublicKeyInfo,
22 issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
23 subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
24 extensions [ 3 ] Extensions OPTIONAL
28 CertificateSerialNumber ::= INTEGER
30 AlgorithmIdentifier ::= SEQUENCE {
31 algorithm OBJECT IDENTIFIER ({ x509_note_OID }),
32 parameters ANY OPTIONAL ({ x509_note_params })
35 Name ::= SEQUENCE OF RelativeDistinguishedName
37 RelativeDistinguishedName ::= SET OF AttributeValueAssertion
39 AttributeValueAssertion ::= SEQUENCE {
40 attributeType OBJECT IDENTIFIER ({ x509_note_OID }),
41 attributeValue ANY ({ x509_extract_name_segment })
44 Validity ::= SEQUENCE {
45 notBefore Time ({ x509_note_not_before }),
46 notAfter Time ({ x509_note_not_after })
51 generalTime GeneralizedTime
54 SubjectPublicKeyInfo ::= SEQUENCE {
55 algorithm AlgorithmIdentifier,
56 subjectPublicKey BIT STRING ({ x509_extract_key_data })
59 UniqueIdentifier ::= BIT STRING
61 Extensions ::= SEQUENCE OF Extension
63 Extension ::= SEQUENCE {
64 extnid OBJECT IDENTIFIER ({ x509_note_OID }),
65 critical BOOLEAN DEFAULT,
66 extnValue OCTET STRING ({ x509_process_extension })