The ESCB-PKI certification authority is identified in its certificate as the issuer and its private key is used to sign certificates. The ESCB-PKI certification authority is in charge of:
issuing private and public key certificates;
issuing revocation lists;
generating key pairs associated with specific certificates, e.g. those that require key recovery;
maintaining overall responsibility for the ESCB-PKI and ensuring that all the requirements necessary to operate it are met.
The ESCB-PKI certification authority includes all individuals, policies, procedures and computer systems entrusted with issuing electronic certificates and assigning them to the certificate subscribers.
The ESCB-PKI certification authority includes two technical components:
The Root ESCB-PKI certification authority: This certification authority, at the first level, only issues certificates for itself and its subordinate certification authorities. It is only in operation when carrying out its own narrowly-defined responsibilities. Its most significant data are:
SHA-1 certificate(1):
| Distinguished name | CN=ESCB-PKI ROOT CA, O=EUROPEAN SYSTEM OF CENTRAL BANKS, C=EU |
| Serial number | 596F AC4C 218C 21BC 4E00 6B42 A164 46DD |
| Distinguished name of issuer | CN=ESCB-PKI ROOT CA, O=EUROPEAN SYSTEM OF CENTRAL BANKS, C=EU |
| Validity period | From 21-06-2011 11:58:26 to 21-06-2041 11:58:26 |
| Message digest (SHA-1) | CEFE 6C32 E850 994A 09EA 1A77 0C60 3D90 ADC9 9192 |
| Message Digest (SHA-256) | C919 CF49 C024 7E50 2E0C C3C9 81E0 FB88 A013 AA2B 15C9 5142 F491 BDE7 E403 E3FB |
| Cryptographic algorithms | SHA-1/RSA 4096 |
SHA-256 certificate:
| Distinguished name | CN=ESCB-PKI ROOT CA, O=EUROPEAN SYSTEM OF CENTRAL BANKS, C=EU |
| Serial number | 4431 9C5F 91E8 162F 4E00 73F6 6AB8 71D8 |
| Distinguished name of Issuer | CN=ESCB-PKI ROOT CA, O=EUROPEAN SYSTEM OF CENTRAL BANKS, C=EU |
| Validity period | From 21-06-2011 12:35:34 to 21-06-2041 12:35:34 |
| Message digest (SHA-1) | 3663 2FBA FB19 BDBC A202 3994 1926 ED48 4D72 DD4B |
| Message Digest (SHA-256) | 7963 2A97 1D12 A889 9724 BB35 C37B 51D2 3E21 4DF9 20C3 2450 093E 0EA7 49FB AAEB |
| Cryptographic algorithms | SHA-256/RSA 4096 |
The Online ESCB-PKI certification authority: This certification authority, at the second level, is subordinate to the Root ESCB-PKI certification authority. It is responsible for issuing ESCB-PKI certificates for users. Its most significant data are:
SHA-1 certificate(2):
| Distinguished name | CN= ESCB-PKI ONLINE CA, O=EUROPEAN SYSTEM OF CENTRAL BANKS, C=EU |
| Serial number | 2C13 E18F FDB5 91CE 4E9 550B B5A3 F59C |
| Distinguished name of issuer | CN=ESCB-PKI ROOT CA, O=EUROPEAN SYSTEM OF CENTRAL BANKS, C=EU |
| Validity period | From 22-07-2011 12:46:35 to 22-07-2026 12:46:35 |
| Message digest (SHA-1) | D316 026C D2CF 1A8C 4AA3 8C29 EE3D 591E 4286 AD08 |
| Message Digest (SHA-256) | 4B18 7644 BF79 4F83 D000 999D 7927 433F 75F3 CFB1 643A 6D0F 8A25 9435 BE86 1B7A |
| Cryptographic algorithms | SHA-1/RSA 4096 |
SHA-256 certificate:
| Distinguished name | CN= ESCB-PKI ONLINE CA, O=EUROPEAN SYSTEM OF CENTRAL BANKS, C=EU |
| Serial number | 660C 9B12 9A0A 6C21 5509 38DD 54A0 ED2D |
| Distinguished name of Issuer | CN=ESCB-PKI ROOT CA, O=EUROPEAN SYSTEM OF CENTRAL BANKS, C=EU |
| Validity period | From 22-07-2011 12:46:35 to 22-07-2026 12:46:35 |
| Message digest (SHA-1) | E976 D216 4A5F 62DA C058 6BE0 EC10 EF24 36B8 12AC |
| Message Digest (SHA-256) | 1335 26DC 99E9 CC36 62F8 F5FA 2006 3005 BA90 E663 2BF3 4F18 A84B A39B 5FAA 5700 |
| Cryptographic algorithms | SHA-256/RSA 4096” |
This certificate will be used only in systems that do not support higher algorithms.
This certificate will be used only in systems that do not support higher algorithms.