A certificate contains a variety of information which is important for it to fulfil its purpose. Some information is obligatory, some is optional. A certificate can also be stored in a variety of different formats. An X.509-standard certificate contains the following information, for example:
- Version: This is the relevant version of the X.509 standard. The current (06.2005) version is 'v3'.
- Serial number: This is a unique number that identifies the certificate.
- Signature algorithm: This identifies the algorithm that the issuer used to sign the certificate. The digital signature of the issuer is also to be found here.
- Validity: Certificates are valid for a limited period of time. This entry indicates the duration of the certificate's validity.
- Issuer: This identifies the issuer, for example by name, e-mail address, nationality, etc.
- Subject: This identifies the certificate's owner, for example by name, institution, e-mail address, nationality, city, etc.
- Subject public key: Information indicating the method used to generate the public key used by the certificate's owner. The owner's public key is also to be found under this item.