Viro/Henkilökortti/Varmenne
< Viro | Henkilökortti
Virolaisen ? sukupolven, elliptisen kaaren algoritmilla varustettu korttivarmenne.
Havaintoja:
- avaimena on isikukood (IK), joka vastaa suomalaista HETUa.
- etunimessä molemmat etunimet, joka noudattaa paikallista puhuttelutapaa
- kortin sarjanumero noudattaa ETSI-muotoa
- sähköpostiin liittyvää:
- varmenteen sisällä ei ole haltijan itse ilmoittamaa sähköpostiosoitetta
- henkilötunnukseen perustuva uudelleenohjausosoite (valtion tekemä) on olemassa
- sähköposti on mainittu käyttötarkoituksena EKU:ssa
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:90:9d:d5:44:44:e1:f4:5f:4f:6c:51:3f:dc:c7:75
Signature Algorithm: ecdsa-with-SHA512
Issuer: C = EE, O = SK ID Solutions AS, organizationIdentifier = NTREE-10747013, CN = ESTEID2018
Validity
Not Before: Sep 2 09:56:33 2020 GMT
Not After : Sep 1 21:59:59 2025 GMT
Subject: C = EE, CN = "TUOMALA,JUHA MATTI,37207300043", SN = TUOMALA, GN = JUHA MATTI, serialNumber = PNOEE-37207300043
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (384 bit)
pub:
04:43:da:6b:b4:70:c0:ce:01:98:10:ca:a9:d8:14:
ae:0d:9a:2d:d6:6a:3d:c2:2b:e2:30:e5:ac:c3:14:
a3:46:bd:0a:79:08:df:5b:d6:cc:d2:16:a7:a7:04:
a2:d5:4a:a0:f5:6d:17:da:1b:e7:0b:e7:b4:bd:07:
e0:06:06:b1:02:6b:7c:c0:8e:68:eb:0c:cc:98:15:
99:93:9f:89:a5:ce:7d:97:ca:e9:cd:5c:32:36:a9:
41:e8:4c:76:58:3e:22
ASN1 OID: secp384r1
NIST CURVE: P-384
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage: critical
Digital Signature, Key Agreement
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.51361.1.1.2
CPS: https://www.sk.ee/CPS
Policy: 0.4.0.2042.1.2
X509v3 Subject Alternative Name:
email:37207300043@eesti.ee
X509v3 Subject Key Identifier:
4F:BA:C2:38:15:4E:47:DB:4B:31:9C:42:90:F4:E4:2A:79:A0:C2:67
qcStatements:
0S0Q.....F..0G0E.?https://sk.ee/en/repository/conditions-for-use-of-certificates/..EN
X509v3 Extended Key Usage: critical
TLS Web Client Authentication, E-mail Protection
X509v3 Authority Key Identifier:
keyid:D9:AC:70:DB:5F:7E:BE:94:F8:A0:E4:BE:47:A2:D0:34:AD:9A:2A:12
Authority Information Access:
OCSP - URI:http://aia.sk.ee/esteid2018
CA Issuers - URI:http://c.sk.ee/esteid2018.der.crt
Signature Algorithm: ecdsa-with-SHA512
30:81:87:02:41:28:e6:b6:bf:ed:9d:41:f2:59:7b:61:d8:bd:
40:25:1e:06:6b:17:6e:b3:cb:0e:94:75:d7:f4:5f:58:63:df:
1a:e8:8f:fe:51:bb:d8:b0:25:9b:8f:11:89:73:53:93:1d:f8:
bd:02:11:ad:f0:03:24:d7:da:67:39:13:74:d9:27:3b:02:42:
01:cb:27:ed:35:d4:97:14:da:8c:fb:be:d4:eb:be:61:d1:0f:
ee:a3:91:95:89:39:a7:78:92:06:c8:9a:ed:ab:e9:5f:71:d9:
e2:59:ac:00:2e:2f:cb:1f:95:1d:1c:dc:a0:b6:80:59:a0:52:
5c:e9:bf:74:b6:87:a4:bd:db:45:6f:4f
Varmenteen taanneen intermediate-CA:n (CN = ESTEID2018) tuloste:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:47:fa:ac:14:74:4b:8b:5b:a3:66:d4:fe:66:55:ed
Signature Algorithm: ecdsa-with-SHA512
Issuer: C = EE, O = SK ID Solutions AS, organizationIdentifier = NTREE-10747013, CN = EE-GovCA2018
Validity
Not Before: Sep 20 09:22:28 2018 GMT
Not After : Sep 5 09:11:03 2033 GMT
Subject: C = EE, O = SK ID Solutions AS, organizationIdentifier = NTREE-10747013, CN = ESTEID2018
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (521 bit)
pub:
04:01:c7:38:19:6f:ed:4a:d1:3d:83:f5:c8:78:4e:
6f:b4:40:fd:80:43:6e:d8:32:9d:25:4c:a9:87:71:
9c:5a:ca:1d:45:e1:ea:d1:64:82:1b:c7:b8:0d:64:
d8:34:a8:9b:58:44:e6:4a:a1:07:95:6c:a4:37:a6:
6f:05:83:24:13:90:59:01:8e:23:fd:2d:dc:4b:5c:
70:b6:23:78:ce:c5:f7:13:8f:77:35:1b:65:a2:1b:
a4:d4:47:a5:08:15:06:91:57:d3:1a:4b:4e:05:b6:
ec:ca:48:32:15:3c:0c:70:56:16:97:80:68:d5:f7:
79:4a:43:e2:00:b9:72:f8:6c:2b:44:45:12
ASN1 OID: secp521r1
NIST CURVE: P-521
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:7E:29:56:E7:34:92:78:4E:77:E1:6F:2E:33:2A:98:71:C1:FD:34:9F
X509v3 Subject Key Identifier:
D9:AC:70:DB:5F:7E:BE:94:F8:A0:E4:BE:47:A2:D0:34:AD:9A:2A:12
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 Certificate Policies:
Policy: 0.4.0.2042.1.2
Policy: 0.4.0.194112.1.2
Policy: 1.3.6.1.4.1.51361.1.1.1
CPS: https://www.sk.ee/CPS
Policy: 1.3.6.1.4.1.51361.1.1.2
Policy: 1.3.6.1.4.1.51455.1.1.1
Policy: 1.3.6.1.4.1.51361.1.1.5
Policy: 1.3.6.1.4.1.51361.1.1.6
Policy: 1.3.6.1.4.1.51361.1.1.7
Policy: 1.3.6.1.4.1.51361.1.1.3
Policy: 1.3.6.1.4.1.51361.1.1.4
Policy: 1.3.6.1.4.1.51361.1.1.8
Policy: 1.3.6.1.4.1.51361.1.1.9
Policy: 1.3.6.1.4.1.51361.1.1.10
Policy: 1.3.6.1.4.1.51361.1.1.11
Policy: 1.3.6.1.4.1.51361.1.1.12
Policy: 1.3.6.1.4.1.51361.1.1.13
Policy: 1.3.6.1.4.1.51361.1.1.14
Policy: 1.3.6.1.4.1.51361.1.1.15
Policy: 1.3.6.1.4.1.51361.1.1.16
Policy: 1.3.6.1.4.1.51361.1.1.17
Policy: 1.3.6.1.4.1.51361.1.1.18
Policy: 1.3.6.1.4.1.51361.1.1.19
Policy: 1.3.6.1.4.1.51361.1.1.20
Policy: 1.3.6.1.4.1.51455.1.1.2
Policy: 1.3.6.1.4.1.51455.1.1.3
Policy: 1.3.6.1.4.1.51455.1.1.4
Policy: 1.3.6.1.4.1.51455.1.1.5
Policy: 1.3.6.1.4.1.51455.1.1.6
X509v3 Extended Key Usage: critical
OCSP Signing, TLS Web Client Authentication, E-mail Protection
Authority Information Access:
OCSP - URI:http://aia.sk.ee/ee-govca2018
CA Issuers - URI:http://c.sk.ee/EE-GovCA2018.der.crt
qcStatements:
0
0......F..
X509v3 CRL Distribution Points:
Full Name:
URI:http://c.sk.ee/EE-GovCA2018.crl
Signature Algorithm: ecdsa-with-SHA512
30:81:88:02:42:00:de:b9:46:38:1d:cc:d4:6c:52:92:d3:4d:
87:67:cf:20:72:58:18:77:3b:47:aa:09:44:37:24:cc:b5:71:
3a:74:c0:51:9c:26:e0:52:68:41:08:00:34:98:94:87:6f:21:
49:f1:6f:62:90:b8:92:ca:ea:e6:90:93:34:84:31:3d:2a:02:
42:01:23:aa:03:8d:39:21:ae:67:2a:34:c9:3c:db:07:42:53:
22:ec:a6:6c:21:c4:c7:3a:80:5c:73:1f:b9:e0:df:19:5f:53:
20:06:8c:c9:99:3e:7d:ad:96:3f:db:f3:9e:13:5e:b7:04:0c:
03:d1:47:54:40:09:cc:3c:fe:be:5b:75:5d