1Certificate ::= SEQUENCE { 2 tbsCertificate TBSCertificate ({ x509_note_tbs_certificate }), 3 signatureAlgorithm AlgorithmIdentifier, 4 signature BIT STRING ({ x509_note_signature }) 5 } 6 7TBSCertificate ::= SEQUENCE { 8 version [ 0 ] Version DEFAULT, 9 serialNumber CertificateSerialNumber ({ x509_note_serial }), 10 signature AlgorithmIdentifier ({ x509_note_pkey_algo }), 11 issuer Name ({ x509_note_issuer }), 12 validity Validity, 13 subject Name ({ x509_note_subject }), 14 subjectPublicKeyInfo SubjectPublicKeyInfo, 15 issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL, 16 subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL, 17 extensions [ 3 ] Extensions OPTIONAL 18 } 19 20Version ::= INTEGER 21CertificateSerialNumber ::= INTEGER 22 23AlgorithmIdentifier ::= SEQUENCE { 24 algorithm OBJECT IDENTIFIER ({ x509_note_OID }), 25 parameters ANY OPTIONAL ({ x509_note_params }) 26} 27 28Name ::= SEQUENCE OF RelativeDistinguishedName 29 30RelativeDistinguishedName ::= SET OF AttributeValueAssertion 31 32AttributeValueAssertion ::= SEQUENCE { 33 attributeType OBJECT IDENTIFIER ({ x509_note_OID }), 34 attributeValue ANY ({ x509_extract_name_segment }) 35 } 36 37Validity ::= SEQUENCE { 38 notBefore Time ({ x509_note_not_before }), 39 notAfter Time ({ x509_note_not_after }) 40 } 41 42Time ::= CHOICE { 43 utcTime UTCTime, 44 generalTime GeneralizedTime 45 } 46 47SubjectPublicKeyInfo ::= SEQUENCE { 48 algorithm AlgorithmIdentifier, 49 subjectPublicKey BIT STRING ({ x509_extract_key_data }) 50 } 51 52UniqueIdentifier ::= BIT STRING 53 54Extensions ::= SEQUENCE OF Extension 55 56Extension ::= SEQUENCE { 57 extnid OBJECT IDENTIFIER ({ x509_note_OID }), 58 critical BOOLEAN DEFAULT, 59 extnValue OCTET STRING ({ x509_process_extension }) 60 } 61