Ero sivun ”Viro/Henkilökortti/Varmenne” versioiden välillä
< Viro | Henkilökortti
Siirry navigaatioon
Siirry hakuun
p |
|||
(8 välissä olevaa versiota toisen käyttäjän tekemänä ei näytetä) | |||
Rivi 1: | Rivi 1: | ||
− | Virolaisen ? sukupolven, elliptisen kaaren algoritmilla varustettu korttivarmenne. | + | Virolaisen ? sukupolven, elliptisen kaaren algoritmilla varustettu korttivarmenne. |
+ | |||
+ | Havaintoja: | ||
+ | * avaimena on ''isikukood'' (IK), joka vastaa suomalaista HETUa. | ||
+ | * etunimessä molemmat etunimet, joka noudattaa paikallista puhuttelutapaa | ||
+ | * kortin sarjanumero noudattaa [[ETSI]]-muotoa | ||
+ | * [[sähköposti]]in liittyvää: | ||
+ | ** varmenteen sisällä ei ole haltijan itse ilmoittamaa sähköpostiosoitetta | ||
+ | ** henkilötunnukseen perustuva uudelleenohjausosoite (valtion tekemä) on olemassa | ||
+ | ** sähköposti on mainittu käyttötarkoituksena [[EKU]]:ssa | ||
Certificate: | Certificate: | ||
Rivi 60: | Rivi 69: | ||
e2:59:ac:00:2e:2f:cb:1f:95:1d:1c:dc:a0:b6:80:59:a0:52: | e2:59:ac:00:2e:2f:cb:1f:95:1d:1c:dc:a0:b6:80:59:a0:52: | ||
5c:e9:bf:74:b6:87:a4:bd:db:45:6f:4f | 5c:e9:bf:74:b6:87:a4:bd:db:45:6f:4f | ||
+ | |||
+ | |||
+ | Varmenteen taanneen intermediate-CA:n (CN = ESTEID2018) tuloste: | ||
+ | |||
+ | Certificate: | ||
+ | Data: | ||
+ | Version: 3 (0x2) | ||
+ | Serial Number: | ||
+ | 75:47:fa:ac:14:74:4b:8b:5b:a3:66:d4:fe:66:55:ed | ||
+ | Signature Algorithm: ecdsa-with-SHA512 | ||
+ | Issuer: C = EE, O = SK ID Solutions AS, organizationIdentifier = NTREE-10747013, CN = EE-GovCA2018 | ||
+ | Validity | ||
+ | Not Before: Sep 20 09:22:28 2018 GMT | ||
+ | Not After : Sep 5 09:11:03 2033 GMT | ||
+ | Subject: C = EE, O = SK ID Solutions AS, organizationIdentifier = NTREE-10747013, CN = ESTEID2018 | ||
+ | Subject Public Key Info: | ||
+ | Public Key Algorithm: id-ecPublicKey | ||
+ | Public-Key: (521 bit) | ||
+ | pub: | ||
+ | 04:01:c7:38:19:6f:ed:4a:d1:3d:83:f5:c8:78:4e: | ||
+ | 6f:b4:40:fd:80:43:6e:d8:32:9d:25:4c:a9:87:71: | ||
+ | 9c:5a:ca:1d:45:e1:ea:d1:64:82:1b:c7:b8:0d:64: | ||
+ | d8:34:a8:9b:58:44:e6:4a:a1:07:95:6c:a4:37:a6: | ||
+ | 6f:05:83:24:13:90:59:01:8e:23:fd:2d:dc:4b:5c: | ||
+ | 70:b6:23:78:ce:c5:f7:13:8f:77:35:1b:65:a2:1b: | ||
+ | a4:d4:47:a5:08:15:06:91:57:d3:1a:4b:4e:05:b6: | ||
+ | ec:ca:48:32:15:3c:0c:70:56:16:97:80:68:d5:f7: | ||
+ | 79:4a:43:e2:00:b9:72:f8:6c:2b:44:45:12 | ||
+ | ASN1 OID: secp521r1 | ||
+ | NIST CURVE: P-521 | ||
+ | X509v3 extensions: | ||
+ | X509v3 Authority Key Identifier: | ||
+ | keyid:7E:29:56:E7:34:92:78:4E:77:E1:6F:2E:33:2A:98:71:C1:FD:34:9F | ||
+ | |||
+ | X509v3 Subject Key Identifier: | ||
+ | D9:AC:70:DB:5F:7E:BE:94:F8:A0:E4:BE:47:A2:D0:34:AD:9A:2A:12 | ||
+ | X509v3 Key Usage: critical | ||
+ | Certificate Sign, CRL Sign | ||
+ | X509v3 Basic Constraints: critical | ||
+ | CA:TRUE, pathlen:0 | ||
+ | X509v3 Certificate Policies: | ||
+ | Policy: 0.4.0.2042.1.2 | ||
+ | Policy: 0.4.0.194112.1.2 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.1 | ||
+ | CPS: https://www.sk.ee/CPS | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.2 | ||
+ | Policy: 1.3.6.1.4.1.51455.1.1.1 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.5 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.6 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.7 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.3 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.4 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.8 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.9 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.10 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.11 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.12 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.13 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.14 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.15 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.16 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.17 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.18 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.19 | ||
+ | Policy: 1.3.6.1.4.1.51361.1.1.20 | ||
+ | Policy: 1.3.6.1.4.1.51455.1.1.2 | ||
+ | Policy: 1.3.6.1.4.1.51455.1.1.3 | ||
+ | Policy: 1.3.6.1.4.1.51455.1.1.4 | ||
+ | Policy: 1.3.6.1.4.1.51455.1.1.5 | ||
+ | Policy: 1.3.6.1.4.1.51455.1.1.6 | ||
+ | |||
+ | X509v3 Extended Key Usage: critical | ||
+ | OCSP Signing, TLS Web Client Authentication, E-mail Protection | ||
+ | Authority Information Access: | ||
+ | OCSP - URI:http://aia.sk.ee/ee-govca2018 | ||
+ | CA Issuers - URI:http://c.sk.ee/EE-GovCA2018.der.crt | ||
+ | |||
+ | qcStatements: | ||
+ | 0 | ||
+ | 0......F.. | ||
+ | X509v3 CRL Distribution Points: | ||
+ | |||
+ | Full Name: | ||
+ | URI:http://c.sk.ee/EE-GovCA2018.crl | ||
+ | |||
+ | Signature Algorithm: ecdsa-with-SHA512 | ||
+ | 30:81:88:02:42:00:de:b9:46:38:1d:cc:d4:6c:52:92:d3:4d: | ||
+ | 87:67:cf:20:72:58:18:77:3b:47:aa:09:44:37:24:cc:b5:71: | ||
+ | 3a:74:c0:51:9c:26:e0:52:68:41:08:00:34:98:94:87:6f:21: | ||
+ | 49:f1:6f:62:90:b8:92:ca:ea:e6:90:93:34:84:31:3d:2a:02: | ||
+ | 42:01:23:aa:03:8d:39:21:ae:67:2a:34:c9:3c:db:07:42:53: | ||
+ | 22:ec:a6:6c:21:c4:c7:3a:80:5c:73:1f:b9:e0:df:19:5f:53: | ||
+ | 20:06:8c:c9:99:3e:7d:ad:96:3f:db:f3:9e:13:5e:b7:04:0c: | ||
+ | 03:d1:47:54:40:09:cc:3c:fe:be:5b:75:5d | ||
== Katso myös == | == Katso myös == | ||
* [[Viro]] | * [[Viro]] | ||
+ | [[Luokka:Tekniikka]] | ||
[[Luokka:Viro]] | [[Luokka:Viro]] | ||
+ | [[Luokka:Varmenne]] |
Nykyinen versio 27. tammikuuta 2022 kello 10.08
Virolaisen ? sukupolven, elliptisen kaaren algoritmilla varustettu korttivarmenne.
Havaintoja:
- avaimena on isikukood (IK), joka vastaa suomalaista HETUa.
- etunimessä molemmat etunimet, joka noudattaa paikallista puhuttelutapaa
- kortin sarjanumero noudattaa ETSI-muotoa
- sähköpostiin liittyvää:
- varmenteen sisällä ei ole haltijan itse ilmoittamaa sähköpostiosoitetta
- henkilötunnukseen perustuva uudelleenohjausosoite (valtion tekemä) on olemassa
- sähköposti on mainittu käyttötarkoituksena EKU:ssa
Certificate: Data: Version: 3 (0x2) Serial Number: 45:90:9d:d5:44:44:e1:f4:5f:4f:6c:51:3f:dc:c7:75 Signature Algorithm: ecdsa-with-SHA512 Issuer: C = EE, O = SK ID Solutions AS, organizationIdentifier = NTREE-10747013, CN = ESTEID2018 Validity Not Before: Sep 2 09:56:33 2020 GMT Not After : Sep 1 21:59:59 2025 GMT Subject: C = EE, CN = "TUOMALA,JUHA MATTI,37207300043", SN = TUOMALA, GN = JUHA MATTI, serialNumber = PNOEE-37207300043 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) pub: 04:43:da:6b:b4:70:c0:ce:01:98:10:ca:a9:d8:14: ae:0d:9a:2d:d6:6a:3d:c2:2b:e2:30:e5:ac:c3:14: a3:46:bd:0a:79:08:df:5b:d6:cc:d2:16:a7:a7:04: a2:d5:4a:a0:f5:6d:17:da:1b:e7:0b:e7:b4:bd:07: e0:06:06:b1:02:6b:7c:c0:8e:68:eb:0c:cc:98:15: 99:93:9f:89:a5:ce:7d:97:ca:e9:cd:5c:32:36:a9: 41:e8:4c:76:58:3e:22 ASN1 OID: secp384r1 NIST CURVE: P-384 X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: critical Digital Signature, Key Agreement X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.51361.1.1.2 CPS: https://www.sk.ee/CPS Policy: 0.4.0.2042.1.2 X509v3 Subject Alternative Name: email:37207300043@eesti.ee X509v3 Subject Key Identifier: 4F:BA:C2:38:15:4E:47:DB:4B:31:9C:42:90:F4:E4:2A:79:A0:C2:67 qcStatements: 0S0Q.....F..0G0E.?https://sk.ee/en/repository/conditions-for-use-of-certificates/..EN X509v3 Extended Key Usage: critical TLS Web Client Authentication, E-mail Protection X509v3 Authority Key Identifier: keyid:D9:AC:70:DB:5F:7E:BE:94:F8:A0:E4:BE:47:A2:D0:34:AD:9A:2A:12 Authority Information Access: OCSP - URI:http://aia.sk.ee/esteid2018 CA Issuers - URI:http://c.sk.ee/esteid2018.der.crt Signature Algorithm: ecdsa-with-SHA512 30:81:87:02:41:28:e6:b6:bf:ed:9d:41:f2:59:7b:61:d8:bd: 40:25:1e:06:6b:17:6e:b3:cb:0e:94:75:d7:f4:5f:58:63:df: 1a:e8:8f:fe:51:bb:d8:b0:25:9b:8f:11:89:73:53:93:1d:f8: bd:02:11:ad:f0:03:24:d7:da:67:39:13:74:d9:27:3b:02:42: 01:cb:27:ed:35:d4:97:14:da:8c:fb:be:d4:eb:be:61:d1:0f: ee:a3:91:95:89:39:a7:78:92:06:c8:9a:ed:ab:e9:5f:71:d9: e2:59:ac:00:2e:2f:cb:1f:95:1d:1c:dc:a0:b6:80:59:a0:52: 5c:e9:bf:74:b6:87:a4:bd:db:45:6f:4f
Varmenteen taanneen intermediate-CA:n (CN = ESTEID2018) tuloste:
Certificate: Data: Version: 3 (0x2) Serial Number: 75:47:fa:ac:14:74:4b:8b:5b:a3:66:d4:fe:66:55:ed Signature Algorithm: ecdsa-with-SHA512 Issuer: C = EE, O = SK ID Solutions AS, organizationIdentifier = NTREE-10747013, CN = EE-GovCA2018 Validity Not Before: Sep 20 09:22:28 2018 GMT Not After : Sep 5 09:11:03 2033 GMT Subject: C = EE, O = SK ID Solutions AS, organizationIdentifier = NTREE-10747013, CN = ESTEID2018 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (521 bit) pub: 04:01:c7:38:19:6f:ed:4a:d1:3d:83:f5:c8:78:4e: 6f:b4:40:fd:80:43:6e:d8:32:9d:25:4c:a9:87:71: 9c:5a:ca:1d:45:e1:ea:d1:64:82:1b:c7:b8:0d:64: d8:34:a8:9b:58:44:e6:4a:a1:07:95:6c:a4:37:a6: 6f:05:83:24:13:90:59:01:8e:23:fd:2d:dc:4b:5c: 70:b6:23:78:ce:c5:f7:13:8f:77:35:1b:65:a2:1b: a4:d4:47:a5:08:15:06:91:57:d3:1a:4b:4e:05:b6: ec:ca:48:32:15:3c:0c:70:56:16:97:80:68:d5:f7: 79:4a:43:e2:00:b9:72:f8:6c:2b:44:45:12 ASN1 OID: secp521r1 NIST CURVE: P-521 X509v3 extensions: X509v3 Authority Key Identifier: keyid:7E:29:56:E7:34:92:78:4E:77:E1:6F:2E:33:2A:98:71:C1:FD:34:9F X509v3 Subject Key Identifier: D9:AC:70:DB:5F:7E:BE:94:F8:A0:E4:BE:47:A2:D0:34:AD:9A:2A:12 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE, pathlen:0 X509v3 Certificate Policies: Policy: 0.4.0.2042.1.2 Policy: 0.4.0.194112.1.2 Policy: 1.3.6.1.4.1.51361.1.1.1 CPS: https://www.sk.ee/CPS Policy: 1.3.6.1.4.1.51361.1.1.2 Policy: 1.3.6.1.4.1.51455.1.1.1 Policy: 1.3.6.1.4.1.51361.1.1.5 Policy: 1.3.6.1.4.1.51361.1.1.6 Policy: 1.3.6.1.4.1.51361.1.1.7 Policy: 1.3.6.1.4.1.51361.1.1.3 Policy: 1.3.6.1.4.1.51361.1.1.4 Policy: 1.3.6.1.4.1.51361.1.1.8 Policy: 1.3.6.1.4.1.51361.1.1.9 Policy: 1.3.6.1.4.1.51361.1.1.10 Policy: 1.3.6.1.4.1.51361.1.1.11 Policy: 1.3.6.1.4.1.51361.1.1.12 Policy: 1.3.6.1.4.1.51361.1.1.13 Policy: 1.3.6.1.4.1.51361.1.1.14 Policy: 1.3.6.1.4.1.51361.1.1.15 Policy: 1.3.6.1.4.1.51361.1.1.16 Policy: 1.3.6.1.4.1.51361.1.1.17 Policy: 1.3.6.1.4.1.51361.1.1.18 Policy: 1.3.6.1.4.1.51361.1.1.19 Policy: 1.3.6.1.4.1.51361.1.1.20 Policy: 1.3.6.1.4.1.51455.1.1.2 Policy: 1.3.6.1.4.1.51455.1.1.3 Policy: 1.3.6.1.4.1.51455.1.1.4 Policy: 1.3.6.1.4.1.51455.1.1.5 Policy: 1.3.6.1.4.1.51455.1.1.6 X509v3 Extended Key Usage: critical OCSP Signing, TLS Web Client Authentication, E-mail Protection Authority Information Access: OCSP - URI:http://aia.sk.ee/ee-govca2018 CA Issuers - URI:http://c.sk.ee/EE-GovCA2018.der.crt qcStatements: 0 0......F.. X509v3 CRL Distribution Points: Full Name: URI:http://c.sk.ee/EE-GovCA2018.crl Signature Algorithm: ecdsa-with-SHA512 30:81:88:02:42:00:de:b9:46:38:1d:cc:d4:6c:52:92:d3:4d: 87:67:cf:20:72:58:18:77:3b:47:aa:09:44:37:24:cc:b5:71: 3a:74:c0:51:9c:26:e0:52:68:41:08:00:34:98:94:87:6f:21: 49:f1:6f:62:90:b8:92:ca:ea:e6:90:93:34:84:31:3d:2a:02: 42:01:23:aa:03:8d:39:21:ae:67:2a:34:c9:3c:db:07:42:53: 22:ec:a6:6c:21:c4:c7:3a:80:5c:73:1f:b9:e0:df:19:5f:53: 20:06:8c:c9:99:3e:7d:ad:96:3f:db:f3:9e:13:5e:b7:04:0c: 03:d1:47:54:40:09:cc:3c:fe:be:5b:75:5d