1 Certificate ::= SEQUENCE {
2 tbsCertificate TBSCertificate ({ x509_note_tbs_certificate }),
3 signatureAlgorithm AlgorithmIdentifier,
4 signature BIT STRING ({ x509_note_signature })
7 TBSCertificate ::= SEQUENCE {
8 version [ 0 ] Version DEFAULT,
9 serialNumber CertificateSerialNumber ({ x509_note_serial }),
10 signature AlgorithmIdentifier ({ x509_note_pkey_algo }),
11 issuer Name ({ x509_note_issuer }),
13 subject Name ({ x509_note_subject }),
14 subjectPublicKeyInfo SubjectPublicKeyInfo,
15 issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
16 subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
17 extensions [ 3 ] Extensions OPTIONAL
21 CertificateSerialNumber ::= INTEGER
23 AlgorithmIdentifier ::= SEQUENCE {
24 algorithm OBJECT IDENTIFIER ({ x509_note_OID }),
25 parameters ANY OPTIONAL ({ x509_note_params })
28 Name ::= SEQUENCE OF RelativeDistinguishedName
30 RelativeDistinguishedName ::= SET OF AttributeValueAssertion
32 AttributeValueAssertion ::= SEQUENCE {
33 attributeType OBJECT IDENTIFIER ({ x509_note_OID }),
34 attributeValue ANY ({ x509_extract_name_segment })
37 Validity ::= SEQUENCE {
38 notBefore Time ({ x509_note_not_before }),
39 notAfter Time ({ x509_note_not_after })
44 generalTime GeneralizedTime
47 SubjectPublicKeyInfo ::= SEQUENCE {
48 algorithm AlgorithmIdentifier,
49 subjectPublicKey BIT STRING ({ x509_extract_key_data })
52 UniqueIdentifier ::= BIT STRING
54 Extensions ::= SEQUENCE OF Extension
56 Extension ::= SEQUENCE {
57 extnid OBJECT IDENTIFIER ({ x509_note_OID }),
58 critical BOOLEAN DEFAULT,
59 extnValue OCTET STRING ({ x509_process_extension })