Standard X.509 V3 Certificate Extensions - Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual

Standard X.509 v3 Certificate Extensions

Identifier: Key Usage: - 2.5.29.15
Signature:
Algorithm: SHA1withRSA - 1.2.840.113549.1.1.5
Signature:
AA:96:65:3D:10:FA:C7:0B:74:38:2D:93:54:32:C0:5B:
2F:18:93:E9:7C:32:E6:A4:4F:4E:38:93:61:83:3A:6A:
A2:11:91:C2:D2:A3:48:07:6C:07:54:A8:B8:42:0E:B4:
E4:AE:42:B4:B5:36:24:46:4F:83:61:64:13:69:03:DF:
41:88:0B:CB:39:57:8C:6B:9F:52:7E:26:F9:24:5E:E7:
BC:FB:FD:93:13:AF:24:3A:8F:DB:E3:DC:C9:F9:1F:67:
A8:BD:0B:95:84:9D:EB:FC:02:95:A0:49:2C:05:D4:B0:
35:EA:A6:80:30:20:FF:B1:85:C8:4B:74:D9:DC:BB:50
Standard X.509 v3 Certificate Extensions
This section summarizes the extension types that are defined as part of the Internet X.509
Version 3 standard, as of September 1998, and indicates which types are recommended by
the PKIX working group.
This section summarizes important information about each certificate. For complete details,
see both the X.509 v3 standard (available from the ITU) and the Internet X.509 Public Key
Infrastructure - Certificate and CRL Profile (RFC 2459), available at
http://www.ietf.org/rfc/rfc2459.txt
the RFC and section number of the standard draft that discusses the extension; the object
identifier (OID) for each extensions is also provided.
Each extension in a certificate can be designated as critical or noncritical. A
certificate-using system, such as browser software, must reject the certificate if it
encounters a critical extension it does not recognize; however, a noncritical extension can
be ignored if it is not recognized.
730 Red Hat Certificate System Administrator's Guide • September 2005
3B:46:83:85:27:BC:F5:9D:8E:63:E3:BE:79:EF:AF:79:
9C:37:85:84
Critical: yes
Key Usage:
Digital Signature
Key CertSign
Crl Sign
. The descriptions of extensions reference