1Certificate ::= SEQUENCE {
 2	tbsCertificate		TBSCertificate ({ x509_note_tbs_certificate }),
 3	signatureAlgorithm	AlgorithmIdentifier,
 4	signature		BIT STRING ({ x509_note_signature })
 5	}
 6
 7TBSCertificate ::= SEQUENCE {
 8	version           [ 0 ]	Version DEFAULT,
 9	serialNumber		CertificateSerialNumber ({ x509_note_serial }),
10	signature		AlgorithmIdentifier ({ x509_note_sig_algo }),
11	issuer			Name ({ x509_note_issuer }),
12	validity		Validity,
13	subject			Name ({ x509_note_subject }),
14	subjectPublicKeyInfo	SubjectPublicKeyInfo,
15	issuerUniqueID    [ 1 ]	IMPLICIT UniqueIdentifier OPTIONAL,
16	subjectUniqueID   [ 2 ]	IMPLICIT UniqueIdentifier OPTIONAL,
17	extensions        [ 3 ]	Extensions OPTIONAL
18	}
19
20Version ::= INTEGER
21CertificateSerialNumber ::= INTEGER
22
23AlgorithmIdentifier ::= SEQUENCE {
24	algorithm		OBJECT IDENTIFIER ({ x509_note_OID }),
25	parameters		ANY OPTIONAL ({ x509_note_params })
26}
27
28Name ::= SEQUENCE OF RelativeDistinguishedName
29
30RelativeDistinguishedName ::= SET OF AttributeValueAssertion
31
32AttributeValueAssertion ::= SEQUENCE {
33	attributeType		OBJECT IDENTIFIER ({ x509_note_OID }),
34	attributeValue		ANY ({ x509_extract_name_segment })
35	}
36
37Validity ::= SEQUENCE {
38	notBefore		Time ({ x509_note_not_before }),
39	notAfter		Time ({ x509_note_not_after })
40	}
41
42Time ::= CHOICE {
43	utcTime			UTCTime,
44	generalTime		GeneralizedTime
45	}
46
47SubjectPublicKeyInfo ::= SEQUENCE {
48	algorithm		AlgorithmIdentifier,
49	subjectPublicKey	BIT STRING ({ x509_extract_key_data })
50	}
51
52UniqueIdentifier ::= BIT STRING
53
54Extensions ::= SEQUENCE OF Extension
55
56Extension ::= SEQUENCE {
57	extnid			OBJECT IDENTIFIER ({ x509_note_OID }),
58	critical		BOOLEAN DEFAULT,
59	extnValue		OCTET STRING ({ x509_process_extension })
60	}

 1-- SPDX-License-Identifier: BSD-3-Clause
 2--
 3-- Copyright (C) 2008 IETF Trust and the persons identified as authors
 4-- of the code
 5--
 6-- https://www.rfc-editor.org/rfc/rfc5280#section-4
 7
 8Certificate ::= SEQUENCE {
 9	tbsCertificate		TBSCertificate ({ x509_note_tbs_certificate }),
10	signatureAlgorithm	AlgorithmIdentifier,
11	signature		BIT STRING ({ x509_note_signature })
12	}
13
14TBSCertificate ::= SEQUENCE {
15	version           [ 0 ]	Version DEFAULT,
16	serialNumber		CertificateSerialNumber ({ x509_note_serial }),
17	signature		AlgorithmIdentifier ({ x509_note_sig_algo }),
18	issuer			Name ({ x509_note_issuer }),
19	validity		Validity,
20	subject			Name ({ x509_note_subject }),
21	subjectPublicKeyInfo	SubjectPublicKeyInfo,
22	issuerUniqueID    [ 1 ]	IMPLICIT UniqueIdentifier OPTIONAL,
23	subjectUniqueID   [ 2 ]	IMPLICIT UniqueIdentifier OPTIONAL,
24	extensions        [ 3 ]	Extensions OPTIONAL
25	}
26
27Version ::= INTEGER
28CertificateSerialNumber ::= INTEGER
29
30AlgorithmIdentifier ::= SEQUENCE {
31	algorithm		OBJECT IDENTIFIER ({ x509_note_OID }),
32	parameters		ANY OPTIONAL ({ x509_note_params })
33}
34
35Name ::= SEQUENCE OF RelativeDistinguishedName
36
37RelativeDistinguishedName ::= SET OF AttributeValueAssertion
38
39AttributeValueAssertion ::= SEQUENCE {
40	attributeType		OBJECT IDENTIFIER ({ x509_note_OID }),
41	attributeValue		ANY ({ x509_extract_name_segment })
42	}
43
44Validity ::= SEQUENCE {
45	notBefore		Time ({ x509_note_not_before }),
46	notAfter		Time ({ x509_note_not_after })
47	}
48
49Time ::= CHOICE {
50	utcTime			UTCTime,
51	generalTime		GeneralizedTime
52	}
53
54SubjectPublicKeyInfo ::= SEQUENCE {
55	algorithm		AlgorithmIdentifier,
56	subjectPublicKey	BIT STRING ({ x509_extract_key_data })
57	}
58
59UniqueIdentifier ::= BIT STRING
60
61Extensions ::= SEQUENCE OF Extension
62
63Extension ::= SEQUENCE {
64	extnid			OBJECT IDENTIFIER ({ x509_note_OID }),
65	critical		BOOLEAN DEFAULT,
66	extnValue		OCTET STRING ({ x509_process_extension })
67	}