Thursday 19 May 2016

Get x059 certificate extensions in C#

This is how you could get following X509Extension details in C#

  • Subject alternative name
  • CRL distribution points,
  • Authority information access,
  • certificate policies,
  • Thumbprint algorithm 

[1]Certificate Policy:
     Policy Identifier=2.16.356.100.2.2

Key Usage
Digital Signature, Non-Repudiation (c0)

[1]Authority Info Access
     Access Method=Certification Authority Issuer (
     Alternative Name:
[2]Authority Info Access
     Access Method=On-line Certificate Status Protocol (
     Alternative Name:


Simple C# example given below:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

namespace x059_certificate_extensions_in_Csharp
    class Program
        static void Main(string[] args)
            string folder = System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location);
            X509Certificate2 cert = new X509Certificate2( folder + "\\dgft.cer");

            foreach (X509Extension ext in cert.Extensions)
                //get all extension information of certificate like, 
                AsnEncodedData asndata = new AsnEncodedData(ext.Oid, ext.RawData);

See also:
How to get X509Certificate2 certificate intended purposes in C#?