public interface X509ObjectIdentifiers
| Modifier and Type | Field and Description |
|---|---|
static ASN1ObjectIdentifier |
attributeType |
static ASN1ObjectIdentifier |
commonName
Subject RDN components: commonName = 2.5.4.3
|
static ASN1ObjectIdentifier |
countryName
Subject RDN components: countryName = 2.5.4.6
|
static ASN1ObjectIdentifier |
crlAccessMethod
OID for crl uri in AuthorityInformationAccess extension
|
static ASN1ObjectIdentifier |
id_ad
id-pkix OID: 1.3.6.1.5.5.7.48
|
static ASN1ObjectIdentifier |
id_ad_caIssuers
id-ad-caIssuers OID: 1.3.6.1.5.5.7.48.2
|
static ASN1ObjectIdentifier |
id_ad_ocsp
id-ad-ocsp OID: 1.3.6.1.5.5.7.48.1
|
static ASN1ObjectIdentifier |
id_alg_noSignature
id-alg-noSignature OBJECT IDENTIFIER ::= {id-pkix id-alg(6) 2}
|
static ASN1ObjectIdentifier |
id_alg_unsigned
id-alg-unsigned OBJECT IDENTIFIER ::= {id-pkix id-alg(6) 36}
|
static ASN1ObjectIdentifier |
id_at_name
Subject RDN components: name = 2.5.4.41
|
static ASN1ObjectIdentifier |
id_at_organizationIdentifier
Subject RDN components: organizationIdentifier = 2.5.4.97
|
static ASN1ObjectIdentifier |
id_at_telephoneNumber
Subject RDN components: telephone_number = 2.5.4.20
|
static ASN1ObjectIdentifier |
id_ce
ISO ARC for standard certificate and CRL extensions
OID: 2.5.29
|
static ASN1ObjectIdentifier |
id_ce_ct_embeddedSCTList
RFC 6962 sec. 3.3 / RFC 9162 sec. 4.1 — certificate extension carrying
the TLS-encoded
SignedCertificateTimestampList for a server
certificate. |
static ASN1ObjectIdentifier |
id_ce_ct_precertPoison
RFC 6962 sec. 3.1 / RFC 9162 sec. 4.2 — the precertificate-poison
critical extension that marks a CMS as a precertificate (i.e. not a
valid TLS certificate, used only for CT log submission).
|
static ASN1ObjectIdentifier |
id_ce_ct_transparencyInformation
RFC 9162 sec. 7.1 — the Transparency Information X.509v3 extension,
the CT v2 replacement for
id_ce_ct_embeddedSCTList. |
static ASN1ObjectIdentifier |
id_ct
Google's Certificate Transparency arc, the parent of the OIDs defined
by RFC 6962.
|
static ASN1ObjectIdentifier |
id_ct_precertificate
RFC 9162 sec. 3.2 — the CMS
eContentType for a CT v2
precertificate. |
static ASN1ObjectIdentifier |
id_ea_rsa
OID: 2.5.8.1.1
|
static ASN1ObjectIdentifier |
id_ecdsa_with_shake128
id-ecdsa-with-shake128 OBJECT IDENTIFIER ::= { iso(1)
identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) algorithms(6) 32 }
|
static ASN1ObjectIdentifier |
id_ecdsa_with_shake256
id-ecdsa-with-shake256 OBJECT IDENTIFIER ::= { iso(1)
identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) algorithms(6) 33 }
|
static ASN1ObjectIdentifier |
id_kp_ct_precertSigning
RFC 6962 sec. 3.1 — Extended Key Usage identifier for an intermediate
CA delegated to sign precertificates.
|
static ASN1ObjectIdentifier |
id_ocsp_ct_sctList
RFC 6962 sec. 3.3 — OCSP response extension carrying a TLS-encoded
SignedCertificateTimestampList when SCTs are delivered through
an OCSP stapling response rather than embedded in the certificate. |
static ASN1ObjectIdentifier |
id_PasswordBasedMac
Deprecated.
Use CRMFObjectIdentifiers.passwordBasedMac instead
|
static ASN1ObjectIdentifier |
id_pda
1.3.6.1.5.5.7.9
|
static ASN1ObjectIdentifier |
id_pe
private internet extensions; OID = 1.3.6.1.5.5.7.1
|
static ASN1ObjectIdentifier |
id_pe_relatedCert
id-pe-relatedCert OBJECT IDENTIFIER ::= { iso(1)
identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) pe(1) 36 }
Per RFC 9763 sec. 3, the
RelatedCertificate certificate
extension. |
static ASN1ObjectIdentifier |
id_pkix
id-pkix OID: 1.3.6.1.5.5.7
|
static ASN1ObjectIdentifier |
id_rsassa_pss_shake128
id-RSASSA-PSS-SHAKE128 OBJECT IDENTIFIER ::= { iso(1)
identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) algorithms(6) 30 }
|
static ASN1ObjectIdentifier |
id_rsassa_pss_shake256
id-RSASSA-PSS-SHAKE256 OBJECT IDENTIFIER ::= { iso(1)
identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) algorithms(6) 31 }
|
static ASN1ObjectIdentifier |
id_SHA1
id-SHA1 OBJECT IDENTIFIER ::=
{iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 }
OID: 1.3.14.3.2.26
|
static ASN1ObjectIdentifier |
localityName
Subject RDN components: localityName = 2.5.4.7
|
static ASN1ObjectIdentifier |
ocspAccessMethod
OID for ocsp uri in AuthorityInformationAccess extension
|
static ASN1ObjectIdentifier |
organization
Subject RDN components: organization = 2.5.4.10
|
static ASN1ObjectIdentifier |
organizationalUnitName
Subject RDN components: organizationalUnitName = 2.5.4.11
|
static ASN1ObjectIdentifier |
pkix_algorithms
1.3.6.1.5.5.7.6
|
static ASN1ObjectIdentifier |
ripemd160
ripemd160 OBJECT IDENTIFIER ::=
{iso(1) identified-organization(3) TeleTrust(36) algorithm(3) hashAlgorithm(2) RIPEMD-160(1)}
OID: 1.3.36.3.2.1
|
static ASN1ObjectIdentifier |
ripemd160WithRSAEncryption
ripemd160WithRSAEncryption OBJECT IDENTIFIER ::=
{iso(1) identified-organization(3) TeleTrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) rsaSignatureWithripemd160(2) }
OID: 1.3.36.3.3.1.2
|
static ASN1ObjectIdentifier |
stateOrProvinceName
Subject RDN components: stateOrProvinceName = 2.5.4.8
|
static final ASN1ObjectIdentifier attributeType
static final ASN1ObjectIdentifier commonName
static final ASN1ObjectIdentifier countryName
static final ASN1ObjectIdentifier localityName
static final ASN1ObjectIdentifier stateOrProvinceName
static final ASN1ObjectIdentifier organization
static final ASN1ObjectIdentifier organizationalUnitName
static final ASN1ObjectIdentifier id_at_telephoneNumber
static final ASN1ObjectIdentifier id_at_name
static final ASN1ObjectIdentifier id_at_organizationIdentifier
static final ASN1ObjectIdentifier id_SHA1
OID: 1.3.14.3.2.26
static final ASN1ObjectIdentifier ripemd160
OID: 1.3.36.3.2.1
static final ASN1ObjectIdentifier ripemd160WithRSAEncryption
OID: 1.3.36.3.3.1.2
static final ASN1ObjectIdentifier id_ea_rsa
static final ASN1ObjectIdentifier id_pkix
static final ASN1ObjectIdentifier id_pe
static final ASN1ObjectIdentifier id_pe_relatedCert
Per RFC 9763 sec. 3, the RelatedCertificate certificate
extension. The extension MUST
appear in an end-entity certificate only, SHOULD NOT be marked critical,
and carries a digest of one previously-issued certificate (the "related
certificate") that the CA is asserting belongs to the same end entity —
the mechanism that lets a verifier link a classical and a post-quantum
certificate during hybrid PQ migration without requiring composite
signature algorithms.
static final ASN1ObjectIdentifier pkix_algorithms
static final ASN1ObjectIdentifier id_rsassa_pss_shake128
static final ASN1ObjectIdentifier id_rsassa_pss_shake256
static final ASN1ObjectIdentifier id_ecdsa_with_shake128
static final ASN1ObjectIdentifier id_ecdsa_with_shake256
static final ASN1ObjectIdentifier id_alg_noSignature
static final ASN1ObjectIdentifier id_alg_unsigned
static final ASN1ObjectIdentifier id_pda
static final ASN1ObjectIdentifier id_ad
static final ASN1ObjectIdentifier id_ad_caIssuers
static final ASN1ObjectIdentifier id_ad_ocsp
static final ASN1ObjectIdentifier ocspAccessMethod
static final ASN1ObjectIdentifier crlAccessMethod
static final ASN1ObjectIdentifier id_ce
OID: 2.5.29
static final ASN1ObjectIdentifier id_ct
OID: 1.3.6.1.4.1.11129.2.4
static final ASN1ObjectIdentifier id_ce_ct_embeddedSCTList
SignedCertificateTimestampList for a server
certificate.
OID: 1.3.6.1.4.1.11129.2.4.2
static final ASN1ObjectIdentifier id_ce_ct_precertPoison
OID: 1.3.6.1.4.1.11129.2.4.3
static final ASN1ObjectIdentifier id_kp_ct_precertSigning
OID: 1.3.6.1.4.1.11129.2.4.4
static final ASN1ObjectIdentifier id_ocsp_ct_sctList
SignedCertificateTimestampList when SCTs are delivered through
an OCSP stapling response rather than embedded in the certificate.
OID: 1.3.6.1.4.1.11129.2.4.5
static final ASN1ObjectIdentifier id_ce_ct_transparencyInformation
id_ce_ct_embeddedSCTList. Carries a
TLS-encoded TransItemList whose entries are typed under the
VersionedTransType registry. RFC 9162 deliberately drops the
poison extension and precertificate-signing EKU concepts from v1;
those constants (id_ce_ct_precertPoison and
id_kp_ct_precertSigning) have no v2 counterpart.
OID: 1.3.101.75
static final ASN1ObjectIdentifier id_ct_precertificate
eContentType for a CT v2
precertificate. The v2 precertificate is wrapped as a CMS SignedData
object whose encapContentInfo carries this content type, replacing
the v1 approach of issuing a separate precertificate with a critical
poison extension.
OID: 1.3.101.78
static final ASN1ObjectIdentifier id_PasswordBasedMac