They are also known as the X509v3 extensions because they are defined in the x509 certificate format.
The most known and extension are:
- the keyUsage that determines the principal usage
- the extended keyUsage that determines the purpose of the usage
How to see the extensions ?
- with portcle
- With Openssl x509 2)
openssl x509 -in cert.pem -noout -text # the whole cert openssl x509 -in cert.pem -noout -ext subjectAltName,nsCertType # only a subset