SWITCHaai Root CA Repository

This is the repository for the SWITCHaai Root CA, which is mainly a collection of reference material about this certification authority.

CP/CPS Documents

Archived CP/CPS versions

CA Hierarchy

Currently, the SWITCHaai Root CA has two subordinate CAs, as depicted below:

SWITCHaai Root CA hierarchy

CA Certificates

  • SWITCHaai Root CA certificate: DER format PEM format
    Validity:2008-05-15 to 2028-05-15
    SHA256 Fingerprint:37:DC:E4:D7:1C:24:42:32:6A:0F:85:B6:12:00:22:C7:54:AA:FF:B2:8C:BF:CF:69:EB:F3:F7:31:90:3C:09:5A
    SHA1 Fingerprint:3C:E2:5A:E0:9D:B4:BB:2B:FD:33:3C:22:80:39:F7:FC:4A:F9:2C:E9
  • SWITCHaai Metadata Signing CA 2015 certificate: DER format PEM format
    Validity:2015-07-15 to 2020-07-15
    Signing CA:SWITCHaai Root CA
    SHA256 Fingerprint:66:0D:59:C0:B1:DE:F0:61:C5:8C:51:77:3F:18:B6:56:1D:F1:0D:7B:83:2F:8F:33:D4:06:BD:CB:5B:75:30:92
    SHA1 Fingerprint:C1:09:EA:FC:CE:CB:16:A6:3E:6D:B3:16:F5:C2:AC:AA:3B:F5:0D:BC
  • SWITCHaai Interfederation Metadata Signing CA 2015 certificate: DER format PEM format
    Validity:2015-07-15 to 2020-07-15
    Signing CA:SWITCHaai Root CA
    SHA256 Fingerprint:27:8C:B7:7A:F4:5B:46:FB:11:84:47:EE:93:DA:45:9D:19:F2:25:87:12:A3:F2:E3:6F:75:B1:A5:4A:DA:38:29
    SHA1 Fingerprint:B0:AE:DE:E0:45:09:59:34:4F:04:38:25:32:64:79:82:A4:3B:8B:19
  • SWITCHaai Metadata Signing CA 2020 certificate: DER format PEM format
    Validity:2020-06-01 to 2025-06-01
    Signing CA:SWITCHaai Root CA
    SHA256 Fingerprint:0F:79:36:01:D3:A6:6D:42:37:BA:52:38:16:29:94:CF:0D:30:84:46:EF:6A:EC:3F:F2:8B:B8:D8:8A:04:29:78
    SHA1 Fingerprint:93:6D:7A:C1:91:5C:16:7C:9D:77:3B:C1:58:3B:9E:C5:DF:D5:D8:12
  • SWITCHaai Interfederation Metadata Signing CA 2020 certificate: DER format PEM format
    Validity:2020-06-01 to 2025-06-01
    Signing CA:SWITCHaai Root CA
    SHA256 Fingerprint:E2:3E:47:5A:DE:DF:FD:86:68:BF:8F:78:6F:02:5D:CE:C0:1B:09:48:D5:93:19:FF:70:72:50:52:9A:B7:5F:9B
    SHA1 Fingerprint:A5:E5:DE:3E:34:B3:47:01:7A:CA:9E:19:07:DC:47:48:B9:0C:0E:A3

Metadata Signer Certificates

Note: Usually, the "SWITCHaai Root CA" certificate should be used to verify the metadata signatures. If a SAML implementation doesn't support this, the following certificates can be configured for metadata verification. In this case, deployers need to make sure to update the certificate when SWITCH starts using a new one.

  • SWITCHaai Metadata Signer 2018 certificate: DER format PEM format
    Validity:2018-06-01 to 2020-07-15
    Signing CA:SWITCHaai Metadata Signing CA 2015
    SHA256 Fingerprint:8C:30:CA:78:A9:1F:2F:4B:45:2F:EF:FC:99:26:6A:AD:2F:44:C8:80:AE:C4:17:0D:8F:0E:29:DE:EB:2B:9C:6E
    SHA1 Fingerprint:80:D1:A5:3C:B3:50:7C:75:68:C1:58:E5:B0:45:F8:EE:7F:B0:24:E3
    Signed metadata files:metadata.switchaai.xml, metadata.switchaai+idp.xml, metadata.switchaai+sp.xml, metadata.aaitest.xml, metadata.aaitest+idp.xml, metadata.aaitest+sp.xml, metadata.eduid.xml, metadata.eduid-test.xml, metadata.edugain.xml
  • SWITCHaai Interfederation Metadata Signer 2018 certificate: DER format PEM format
    Validity:2018-06-01 to 2020-07-15
    Signing CA:SWITCHaai Interfederation Metadata Signing CA 2015
    SHA256 Fingerprint:6E:E2:B2:7C:6B:60:F3:67:CB:B3:F4:9C:79:9A:58:B1:41:88:B5:9F:26:E1:DA:DF:F9:01:76:21:D8:C0:FB:DA
    SHA1 Fingerprint:66:CD:3F:00:1E:17:AF:71:07:7E:C8:7B:62:4E:E6:13:4E:EC:82:D4
    Signed metadata files:metadata.interfederation.xml, metadata.interfederation+idp.xml, metadata.interfederation+sp.xml
  • SWITCHaai Metadata Signer 2020 certificate: DER format PEM format
    Validity:2020-06-01 to 2023-06-01
    Signing CA:SWITCHaai Metadata Signing CA 2020
    SHA256 Fingerprint:C5:51:37:61:18:E5:B1:AD:69:7B:9A:A0:7F:68:C8:05:5E:92:BF:40:E9:AE:DC:39:72:96:9F:F5:85:70:E0:EB
    SHA1 Fingerprint:9D:1F:D2:F9:93:E6:2C:18:20:9A:FF:35:20:5C:FB:4A:DB:80:44:8C
    Signed metadata files:metadata.switchaai.xml, metadata.switchaai+idp.xml, metadata.switchaai+sp.xml, metadata.aaitest.xml, metadata.aaitest+idp.xml, metadata.aaitest+sp.xml, metadata.eduid.xml, metadata.eduid-test.xml, metadata.edugain.xml
  • SWITCHaai Interfederation Metadata Signer 2020 certificate: DER format PEM format
    Validity:2020-06-01 to 2023-06-01
    Signing CA:SWITCHaai Interfederation Metadata Signing CA 2020
    SHA256 Fingerprint:03:6F:6A:6B:B5:05:09:A0:83:8A:B2:59:F9:2E:2F:6D:16:35:F6:55:FA:9D:9F:FF:FB:09:15:9A:BC:19:66:1C
    SHA1 Fingerprint:EC:AE:DD:58:26:25:01:35:E5:1B:87:FA:5D:76:E7:FA:43:57:3B:8A
    Signed metadata files:metadata.interfederation.xml, metadata.interfederation+idp.xml, metadata.interfederation+sp.xml

Certificate Revocation Lists (CRL)