1-- SPDX-License-Identifier: BSD-3-Clause 2-- 3-- Copyright (C) 2008 IETF Trust and the persons identified as authors 4-- of the code 5-- 6-- https://www.rfc-editor.org/rfc/rfc5280#section-4 7 8Certificate ::= SEQUENCE { 9 tbsCertificate TBSCertificate ({ x509_note_tbs_certificate }), 10 signatureAlgorithm AlgorithmIdentifier, 11 signature BIT STRING ({ x509_note_signature }) 12 } 13 14TBSCertificate ::= SEQUENCE { 15 version [ 0 ] Version DEFAULT, 16 serialNumber CertificateSerialNumber ({ x509_note_serial }), 17 signature AlgorithmIdentifier ({ x509_note_sig_algo }), 18 issuer Name ({ x509_note_issuer }), 19 validity Validity, 20 subject Name ({ x509_note_subject }), 21 subjectPublicKeyInfo SubjectPublicKeyInfo, 22 issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL, 23 subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL, 24 extensions [ 3 ] Extensions OPTIONAL 25 } 26 27Version ::= INTEGER 28CertificateSerialNumber ::= INTEGER 29 30AlgorithmIdentifier ::= SEQUENCE { 31 algorithm OBJECT IDENTIFIER ({ x509_note_OID }), 32 parameters ANY OPTIONAL ({ x509_note_params }) 33} 34 35Name ::= SEQUENCE OF RelativeDistinguishedName 36 37RelativeDistinguishedName ::= SET OF AttributeValueAssertion 38 39AttributeValueAssertion ::= SEQUENCE { 40 attributeType OBJECT IDENTIFIER ({ x509_note_OID }), 41 attributeValue ANY ({ x509_extract_name_segment }) 42 } 43 44Validity ::= SEQUENCE { 45 notBefore Time ({ x509_note_not_before }), 46 notAfter Time ({ x509_note_not_after }) 47 } 48 49Time ::= CHOICE { 50 utcTime UTCTime, 51 generalTime GeneralizedTime 52 } 53 54SubjectPublicKeyInfo ::= SEQUENCE { 55 algorithm AlgorithmIdentifier, 56 subjectPublicKey BIT STRING ({ x509_extract_key_data }) 57 } 58 59UniqueIdentifier ::= BIT STRING 60 61Extensions ::= SEQUENCE OF Extension 62 63Extension ::= SEQUENCE { 64 extnid OBJECT IDENTIFIER ({ x509_note_OID }), 65 critical BOOLEAN DEFAULT, 66 extnValue OCTET STRING ({ x509_process_extension }) 67 } 68