
Certification authority at Banka Slovenije
The Certification Authority at the Bank of Slovenia (CA) issues personal digital certificates for members of personnel and for representatives or employees of the companies and organizations that have a contract with the Bank of Slovenia to work for the Bank of Slovenia.
All digital certificates issued by the CA are stored on the cryptographic module of a smart card.
The CA infrastructure is composed of two hierarchically related CA servers ("Banka Slovenije Root CA" and subordinated "Banka Slovenije EntSub CA").
Digital certificates issued by the CA can be used for:
digital signature/signature verification
digital encryption/decryption
authentication
Address:
Banka Slovenije
Overitelj digitalnih potrdil
Slovenska cesta 35
1505 Ljubljana
Phone: +386 1 471 91 40
Fax: 01 2515 516
Email: [email protected]
Web: http://ca.bsi.si/pki
CA infrastructure
The CA infrastructure is composed of two hierarchically related CA servers as shown in the picture bellow.

The Highest in the hierarchy is "Banka Slovenije Root CA" that issues digital certificates to subordinate CAs.
Subordinated "Banka Slovenije Ent Sub CA" issues digital certificates to individuals.
Digital certificates used by the CA
Banka Slovenije Root CA (Click on link to transfer)
Field | Value |
Version | V3 |
Serial Number | 64 d6 57 2e d9 79 77 84 43 84 43 ec f3 42 f1 02 |
Subject Key identifier | 69 c6 8b 92 01 7f ca 40 1c a4 9f c2 dc a4 85 91 27 23 dc 19 |
Issuer | CN = Banka Slovenije Root CA |
Subject | CN = Banka Slovenije Root CA |
Valid from | 14. june 2013 11:51:26 CET |
Valid to | 14. june 2043 11:51:26 CET |
Public Key | 4096 bit |
Signature algorithm | sha256RSA |
Thumbprint: | 79 7a 52 04 93 b3 e6 e9 f1 5c d5 a2 d5 15 e9 04 e1 70 4d 32 |
Banka Slovenije Ent Sub CA (Click on link to transfer)
Field | Value |
Version | V3 |
Serial Number | 14 fc 79 86 00 00 00 00 00 02 |
Subject Key identifier | 6c 33 15 ad fb b6 1e 0d e8 bb 88 de ba fc 91 cc b1 8d 45 e3 |
Issuer | CN = Banka Slovenije Root CA |
Subject | CN = Banka Slovenije Ent Sub CA |
Valid from | 14. june 2013 13:08:20 CET |
Valid to | 14. june 2028 13:18:20 CET |
Public Key | 4096 bit |
Signature algorithm | sha256RSA |
Thumbprint: | 25 2a 22 bb c5 6e df 1f a0 ce 49 3a d1 ef dd e7 ce 47 80 d2 |
Certificate revocation lists (CRL)
Validity period and issuance frequency of the CRLs is as defined in the table below.
The CA server | CRL validity | CRL issuance frequency |
Banka Slovenije Root CA | 1 year | Every year |
Banka Slovenije Ent SUB CA (complete register) | 7 days | Every 4 days |
Banka Slovenije Ent SUB CA (changes) | 1 day | Every day |
The new CRL is published before the old one expires. After each digital certificate, revocation of the new CRL is published within the validity period of the one already published. The maximum time allowed between the generation of the CRL and its publication in the repository is 60 minutes. CRL contains the following fields:
Version: V2
Signature: The CA signature
Issuer: Distinguished name
thisUpdate: Time of CRL issue
nextUpdate: Time of next CRL issue
revokedCertificate: Serial numbers of revoked certificates
The current register of revoked digital certificates is published at the following addresses:
Certificate Policy (CP)
The policy describes the technical characteristics and level of security of the certification authority's infrastructure and the procedures used by the certification authority to manage the infrastructure and manage the life cycle of issued digital certificates. The policy contains all essential provisions that affect the relationship between the certification authority, the holders of digital certificates issued by the certification authority and third parties relying on these certificates.
Version | Notes and change descriptions |
Version 1 Pravilnik overitelja digitalnih potrdil na Banki Slovenije • CP OID: 1.3.6.1.4.1.27213.2.2.1.1.1.2 | According to the classification scheme of internal acts of the Bank of Slovenia, this act falls into the category of regulations. Due to the change in category, the regulations are marked with version 1 and replace the Digital Certificate Authority Policy at the Bank of Slovenia, version 3. Important additions: |
Version 3 Certificate policy for digital certificates of Certification Authority at Bank of Slovenia • CP OID: 1.3.6.1.4.1.27213.2.2.1.1.1.2 | Alignment of policy with new requirements for mutual recognition of digital certificate authorities in the European System of Central Banks. Important additions: |
Version 2 Certificate policy for digital certificates of Certification Authority at Bank of Slovenia • CP OID: 1.3.6.1.4.1.27213.2.2.1.1.1.2 | Alignment of policy with new requirements for mutual recognition of digital certificate authorities in the European System of Central Banks. Important additions: |
Version 1 Certificate policy for digital certificates of Certification Authority at Bank of Slovenia • CP OID: 1.3.6.1.4.1.27213.2.2.1.1.1.1 | First version of the act. |
Certificate Practices Statement (CPS)
The CPS defines procedures carried out by the CA to manage the lifecycle of digital certificates including application requests, issuances, expirations or revocations. This document also defines procedures performed by the CA to manage the corresponding infrastructure.
Version | Notes and change descriptions |
Version 4 Certificate practices statement of the Certification Authority at the Bank of Slovenia • CP OID: 1.3.6.1.4.1.27213.2.2.1.2.1.3 | Comprehensive overhaul of the certification authority's infrastructure and related procedures. |
Version 3 Certificate practices statement of the Certification Authority at the Bank of Slovenia • CP OID: 1.3.6.1.4.1.27213.2.2.1.2.1.2 | Public release of the document Important additions: |
Version 2 General procedures of the digital certificate authority at the Bank of Slovenia • CP OID: 1.3.6.1.4.1.27213.2.2.1.2.1.2 | The document includes confidential information and is accessible only to the certification body's staff. |
Version 1 General procedures of the digital certificate authority at the Bank of Slovenia • CP OID: 1.3.6.1.4.1.27213.2.2.1.2.1.1 | The document includes confidential information and is accessible only to the certification body's staff. |
Application forms
Zahtevek za pridobitev identifikacijske kartice in/ali digitalnih potrdil
Zahtevek za preklic identifikacijske kartice in/ali digitalnih potrdil
Notifications
4.10.2013 – Expected start of operation of the CA at Banka Slovenije
The CA will start issuing digital certificates on 15.10.2013