Field | Code Signing Certificate Value |
Version | V3 (2) |
Serial Number | Must be unique |
Issuer Signature Algorithm |
sha-1WithRSAEncryption |
Issuer Distinguished Name |
cn=ORC ECA, ou=Certification Authorities, ou=ECA, o=U.S. Government, c=US |
Validity Period | 3 years from date of issue |
Subject Distinguished Name |
cn=CS.<Code Signer Organization Name>.<optional number>,<ou=Code Signer Company Name>, ou=ORC, ou=ECA, o=U.S. Government, c=US |
Subject Public Key Information |
1024 bit RSA key modulus, rsaEncryption |
Issuer Unique Identifier | Not Present |
Subject Unique Identifier | Not Present |
Issuer’s Signature | sha-1WithRSAEncryption |
Authority Key Identifier | c=no; octet string |
Subject Key Identifier | c=no; octet string |
Key Usage | c=yes; digitalSignature, nonRepudiation |
Extended Key Usage |
c=yes; {iso(1) identified-organization(3) DoD(6) internet(1) security(5) mechanisms(5) pkix(7) id-kp(3) id-kp-codesigning(3)} |
Private Key Usage Period |
Not Present |
Certificate Policies | c=no; {2 16 840 1 101 3 2 1 12 1}, {2 16 840 1 101 3 2 1 12 2} |
Policy Mapping | Not Present |
Subject Alternative Name |
always present; c=no; cn=<private key holder name>, <ou=Code Signer Company Name>, ou=ORC, ou=ECA, o=U.S. Government, c=US |
Issuer Alternative Name |
Not Present |
Subject Directory Attributes |
Not Present |
Basic Constraints | Not Present |
Name Constraints | Not Present |
Policy Constraints | Not Present |
Authority Information Access |
c=no; ocsp=http://eva.orc.com, caIssuers=http://eca.orc.com/ecaroot.crt |
CRL Distribution Points |
c = no; always present, ldap://eca-ds.orc.com/cn=ORC ECA, ou=Certification Authorities, ou=ECA, o=U.S. Government, c=US?certificaterevocationlist;binary |