Sample Certificates and CRL from rfc3280bis

certificate/CRL

Corresponding section of rfc3280bis

RSA self-signed certificate

C.1 RSA Self-Signed Certificate

Section C.1 contains an annotated hex dump of a "self-signed" certificate issued by a CA whose distinguished name is cn=Example CA,dc=example,dc=com. The certificate contains an RSA public key, and is signed by the corresponding RSA private key.

End Entity Certificate Using RSA

C.2 End Entity Certificate Using RSA

Section C.2 contains an annotated hex dump of an end entity certificate. The end entity certificate contains an RSA public key, and is signed by the private key corresponding to the "self-signed" certificate in section C.1.

End Entity Certificate Using DSA

C.3 End Entity Certificate Using DSA

Section C.3 contains an annotated hex dump of an end entity certificate that contains a DSA public key with parameters, and is signed with DSA and SHA-1. This certificate is not part of the minimal certification path.

Certificate Revocation List

C.4 Certificate Revocation List

Section C.4 contains an annotated hex dump of a CRL. The CRL is issued by the CA whose distinguished name is cn=Example CA,dc=example,dc=com and the list of revoked certificates includes the end entity certificate presented in C.2.



Sample Certificates and CRL from RFC 3280

certificate/CRL

Corresponding section of RFC 3280

DSA self-signed certificate

C.1 Certificate

Section C.1 contains an annotated hex dump of a "self-signed" certificate issued by a CA whose distinguished name is cn=us,o=gov,ou=nist. The certificate contains a DSA public key with parameters, and is signed by the corresponding DSA private key.

End Entity Certificate Using DSA

C.2 Certificate

Section C.2 contains an annotated hex dump of an end entity certificate. The end entity certificate contains a DSA public key, and is signed by the private key corresponding to the "self-signed" certificate in section C.1.

End Entity Certificate Using RSA

C.3 End Entity Certificate Using RSA

Section C.3 contains a dump of an end entity certificate which contains an RSA public key and is signed with RSA and MD5. This certificate is not part of the minimal certification path.

Certificate Revocation List

C.4 Certificate Revocation List

Section C.4 contains an annotated hex dump of a CRL. The CRL is issued by the CA whose distinguished name is cn=us,o=gov,ou=nist and the list of revoked certificates includes the end entity certificate presented in C.2.