| Field | Medium Hardware Assurance Identity Certificate Value |
| Version | V3 (2) |
| Serial Number | Must be unique |
| Issuer Signature Algorithm |
sha-1WithRSAEncryption |
| Issuer Distinguished Name |
cn=ORC ECA, ou=Certification Authorities, ou=ECA, o=U.S. Government, c=US |
| Validity Period | 3 years from date of issue |
| Subject Distinguished Name |
<cn=Subscriber Name>, <ou=Subscriber Company Name>, ou=ORC, ou=ECA, o=U.S. Government, c=US |
| Subject Public Key Information |
1024 bit RSA key modulus, rsaEncryption |
| Issuer Unique Identifier | Not Present |
| Subject Unique Identifier | Not Present |
| Issuer’s Signature | sha-1WithRSAEncryption |
| Authority key Identifier | c=no; octet string |
| Subject key Identifier | c=no; octet string |
| Key Usage | c=yes; digitalSignature, nonRepudiation |
| Extended key Usage |
c=no; id-kp-clientAuth {1 3 6 1 5 5 7 3 2}; id-kp-emailProtection {1 3 6 1 5 5 7 3 4}; MS-SC {1 3 6 1 4 1 311 20 2 2} |
| Private Key Usage Period |
Not Present |
| Certificate Policies | c=no; {2 16 840 1 101 3 2 1 12 1}, {2 16 840 1 101 3 2 1 12 2} |
| Policy Mapping | Not Present |
| Subject Alternative Name Other Name
|
c=no; always present, contains RFC822 e-mail address; <UPN=Domain Login Name>; {1 3 6 1 4 1 311 20 2 3} |
| Issuer Alternative Name |
Not Present |
| Subject Directory Attributes |
Not Present |
| Basic Constraints | Not Present |
| Name Constraints | Not Present |
| Policy Constraints | Not Present |
| Authority Information Access |
C=no; ocsp=http://eva.orc.com, caIssuers=http://eca.orc.com/ecaroot.crt |
| CRL Distribution Points |
c = no; always present, ldap://eca-ds.orc.com/cn=ORC ECA, ou=Certification Authorities, ou=ECA, o=U.S. Government, c=US?certificaterevocationlist;binary |
