IEEE 1609.2 V2X Certificate Parser
Decode IEEE 1609.2 / ETSI TS 103 097 V2X certificates into a labelled field tree. Supports hex, Base64, and PEM-wrapped Base64 input. Recognises explicit and implicit certificate types, self-signed and HashedId8 issuers, pseudonymous and named CertificateIds, ECDSA-P256 / P-384 / Brainpool key schemes, and Time32 / Duration validity periods. Designed to fail gracefully on truncated or non-conformant input.
Input — IEEE 1609.2 certificate
Decoded tree
What this parser actually does
IEEE 1609.2 certificates are encoded in COER — Canonical Octet Encoding Rules — not DER. There is no off-the-shelf, lightweight client-side COER decoder for the 1609.2 schema, so this tool ships a hand-rolled subset decoder covering the certificate types you are most likely to encounter in V2X / ITS deployments: explicit and implicit certificates, all three IssuerIdentifier choices, the three CertificateId forms named / linkageData / binaryId, Time32 validity periods with the full Duration CHOICE (microseconds through years), verifyKeyIndicator with both verificationKey and reconstructionValue branches, and ECDSA signatures across NIST P-256 / Brainpool P-256r1 / NIST P-384 / Brainpool P-384r1.
Fields the parser does not yet decode — GeographicRegion, SequenceOfPsidSsp permission encodings, PublicEncryptionKey, and the explicit extension addition envelope — are flagged as present-but-opaque, and parsing halts cleanly with a "decoder stopped" marker rather than producing wrong output.
Specs
IEEE 1609.2-2022 §6.4 (CertificateBase, ToBeSignedCertificate, ValidityPeriod, VerificationKeyIndicator). ETSI TS 103 097 (V2X security headers). ETSI TS 102 941 (V2X trust & privacy management).
What this is not
Not a signature verifier. Not a compliance test tool. Not a substitute for a conformance test bench. See the V2X chain validator for structural chain checks.
Privacy guarantees
Client-side only. No network requests during parsing. No telemetry. No cookies set by the tool itself. Paste with confidence even from a regulated environment.
FAQ
Why is the encoding called COER, and not DER like X.509?
COER (Canonical Octet Encoding Rules) is a variant of ASN.1 OER. Where DER uses TLV (tag/length/value) for every field, OER strips the tag/length overhead from most field types and relies on the schema known at compile time. For high-volume signing on PC5 sidelink, the encoding-size saving matters — a 1609.2 certificate is roughly half the size of an X.509 equivalent. The tradeoff: a decoder must know the exact schema; there is no generic "ASN.1 walker" that can parse an unknown 1609.2 certificate without the spec.
What is the difference between an Enrolment Credential and a Pseudonymous Certificate?
An EC is the long-lived hardware-bound identity for the device, issued by the Enrolment Authority after verifying that the requesting key resides in certified hardware. A PC is a short-lived credential issued by the Authorisation Authority for actually signing V2X messages — rotated every few minutes per OBU to defeat location tracking. The AA never sees which EC made the request, thanks to Butterfly Key Expansion. See the V2X PKI technology reference.
Why doesn't the parser verify the signature?
Signature verification requires the issuer's public key. For pseudonymous certificates, the issuer is the Authorisation Authority — not present in the certificate itself, only referenced by HashedId8. The parser can extract the signature scheme and the bytes, but cannot decide whether the signature is valid without an external trust anchor.
Are the example certificates real?
No. All three are synthetic byte sequences hand-encoded to round-trip cleanly through this parser. Key material, HashedId8 values, and signature scalars are constant filler bytes. Do not treat them as conformance test vectors.
Related
V2X chain validator
Structural validation of an end-entity → intermediate → root certificate chain. Linkage checks via WebCrypto SHA-256.
V2X PKI reference
The technical companion: IEEE 1609.2 + ETSI TS 103 097 architecture, EC vs PC, Butterfly Key Expansion, India TRAI CP 30/04/2026 context.