Download certificate hierarchy
Trust our root certificate and its subordinates, if you need it.
These are the current certificates in our hierarchy
The final certificates we issue depend on them. You only need to download them if your application, server, or system does not trust them by default. Which is common for most desktop environments.
Issuer: ACCV ROOT RSA EIDAS 2023
Hash: 5A:76:9E:B3:D9:D6:A9:77:0B:DC:1B:F4:12:63:2B:D3:5D:AD:69:BD:F2:4E:E9:CD:75:D2:B6:59:B4:A0:DD:C9
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.
ACCV RSA1 CLIENTE | SUBORDINATE CA FOR CITIZENS AND REPRESENTATIVES OF ENTITIES (In force until 19/07/2047)
Issuer: ACCV ROOT RSA EIDAS 2023
Hash: A6:6B:48:56:45:A5:D6:6A:57:14:A3:60:E0:2D:DF:3A:B7:18:75:E7:7D:B1:98:BA:32:1A:8F:62:FF:01:D7:E1
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.
ACCV RSA1 PROFESIONALES | SUBORDINATE CA FOR PUBLIC EMPLOYEES, PSEUDONYM AND COMPANIES (In force until 19/07/2047)
Issuer: ACCV ROOT RSA EIDAS 2023
Hash: 60:AD:C7:42:48:A4:5F:7D:F9:68:58:7F:38:11:9F:50:E9:9B:4E:06:D1:A6:24:1D:C6:B8:F6:D1:9C:D2:A3:8A
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.
ACCV ROOT RSA TLS 2024 | CA RAÍZ (In force until 26/01/2049)
Issuer: ACCV ROOT RSA TLS 2024
Hash: B4:0B:FA:88:80:A0:2F:93:02:56:43:C6:DB:BD:39:DF:19:4A:28:54:D0:76:E1:67:A2:BD:84:67:CF:9E:2C:34
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.
ACCV ROOT ECC TLS 2024 | CA RAÍZ (In force until 26/01/2049)
Issuer: ACCV ROOT ECC TLS 2024
Hash: 79:CD:55:45:52:96:AD:FB:55:CD:F0:DB:E9:17:69:85:A0:B5:03:C5:44:27:6C:5A:93:05:F2:EC:9B:66:69:3A
Key: Elliptic curve secp384r1 – SHA384
CRL: List of revoked certificates.
ACCV ROOT RSA TSA EIDAS 2024 | CA RAÍZ (In force until 26/01/2049)
Issuer: ACCV ROOT RSA TSA EIDAS 2024
Hash: 63:C3:08:0C:C8:BF:63:C9:4C:74:1A:70:DA:EF:52:B5:27:4A:CF:E0:83:EB:8C:EC:29:13:1E:A2:09:38:8C:25
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.
ACCV ROOT ECC TSA EIDAS 2024 | CA RAÍZ (In force until 26/01/2049)
Issuer: ACCV ROOT ECC TSA EIDAS 2024
Hash: AC:CA:DF:EA:BB:86:DD:FA:7F:2B:A1:2E:A3:85:2B:B9:0B:3C:D3:DC:39:B5:83:64:C3:2D:E8:A2:AB:D0:6C:BC
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.
ACCV RSA1 TLS | CA SUBORDINADA (In force until 26/01/2049)
Issuer: ACCV ROOT RSA TLS 2024
Hash: 34:64:40:CF:76:74:A5:29:30:55:45:56:33:22:FC:FB:38:F5:A4:B3:F1:E7:E8:52:DF:F8:A4:B7:A5:EF:72:D1
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.
ACCV ECC1 TLS | CA SUBORDINADA (In force until 26/01/2049)
Issuer: ACCV ROOT ECC TLS 2024
Hash: 93:C0:87:AB:93:31:B7:4C:0F:CC:CE:11:BC:61:FB:9F:A6:D4:32:07:7D:8F:10:18:19:4F:A4:CC:A6:64:D7:81
Key: Elliptic curve secp384r1 – SHA384
CRL: List of revoked certificates.
ACCV RSA1 TSA | CA SUBORDINADA (In force until 26/01/2049)
Issuer: ACCV ROOT RSA TSA EIDAS 2024
Hash: FD:D5:AA:DD:52:B5:99:5E:F4:B4:A9:33:A7:89:74:6D:45:59:DA:F2:F1:A1:5A:59:4B:D1:51:AA:18:D9:99:39
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.
ACCV ECC1 TSA | CA SUBORDINADA (In force until 26/01/2049)
Issuer: ACCV ROOT ECC TSA EIDAS 2024
Hash: 67:7C:8F:5F:17:69:6D:CC:96:F5:92:C8:B0:2E:B5:0A:E2:1A:7A:1C:97:09:97:D4:A7:FE:B9:3D:09:4E:99:57
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.
ACCV RSA1 COMPONENTES | SUBORDINATE CA FOR ORGAN SEAL AND APPLICATION (In force until 19/07/2047)
Issuer: ACCV ROOT RSA EIDAS 2023
Hash: 50:D5:74:8D:83:1C:28:64:45:9B:23:D8:B9:9D:F5:3D:BA:43:BB:BB:2B:C4:BF:CD:DB:57:31:B5:2B:56:B6:9E
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.
ACCV ROOT ECC EIDAS 2023 | ROOT CA (In force until 18/07/2048)
Issuer: ACCV ROOT ECC EIDAS 2023
Hash: F1:AA:0E:C6:62:70:5B:B2:97:B4:37:F6:7E:A9:E4:65:0E:C5:BC:5E:95:67:57:AA:7F:04:D7:D9:94:54:71:E3
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.
ACCV ECC1 CLIENTE | SUBORDINATE CA FOR CITIZENS AND REPRESENTATIVES OF ENTITIES (In force until 19/07/2047)
Issuer: ACCV ROOT ECC EIDAS 2023
Hash: 5C:AF:44:B2:92:3B:14:6C:B5:75:AB:2A:B9:A0:A2:93:A1:34:60:23:35:D9:7E:57:9C:44:49:35:32:F4:84:96
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.
ACCV ECC1 PROFESIONALES | SUBORDINATE CA FOR PUBLIC EMPLOYEES, PSEUDONYM AND COMPANIES (In force until 19/07/2047)
Issuer: ACCV ROOT ECC EIDAS 2023
Hash: 34:FD:B6:F3:D2:D1:07:0D:D8:42:8B:CE:11:D6:22:94:E1:FF:2C:49:E8:B1:28:B6:11:60:D7:48:C7:A5:37:AA
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.
ACCV ECC1 COMPONENTES | SUBORDINATE CA FOR ORGAN SEAL AND APPLICATION (In force until 19/07/2047)
Issuer: ACCV ROOT ECC EIDAS 2023
Hash: D2:6E:70:2D:03:9A:57:13:DD:AB:F7:10:E4:71:93:73:4E:55:50:71:17:63:78:50:51:78:8D:0F:D2:D7:F4:EA
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.
ACCVRAIZ1 | ROOT CA (Valid until 31/12/2030)
Issuer: ACCVRAIZ1
Hash: 9A:6E:C0:12:E1:A7:DA:9D:BE:34:19:4D:47:8A:D7:C0:DB:18:22:FB:07:1D:F1:29:81:49:6E:D1:04:38:41:13
Key: RSA 4096 bits – SHA256
CRL: List of revoked certificates.
ACCVCA-120 | CA Subordinate for individuals (Valid until 31/12/2026)
Issuer ACCVRAIZ1
Hash: 2D:E6:20:F2:D1:20:0A:A9:0B:16:C3:CC:F6:70:FD:7E:D1:43:79:AB:06:FA:8B:03:1C:FE:F8:DA:05:1E:A5:A2
Key: RSA 4096 bits – SHA256
CRL: List of revoked certificates.
ACCVCA-110 | CA Subordinate for companies (Valid until 31/12/2026)
Issuer ACCVRAIZ1
Hash: E9:32:7A:34:7C:BE:1C:B9:4C:DC:9A:A5:4C:B3:1B:6E:43:D6:89:68:D1:7D:09:CE:32:6A:09:1B:FC:2F:0B:11
Key: RSA 4096 bits – SHA256
CRL: List of revoked certificates.
ACCVCA-130 | CA Subordinate for pseudonim and logon en Windows (Valid until 31/12/2026)
Issuer ACCVRAIZ1
Hash: 57:2B:F8:99:FD:77:43:62:DC:19:21:96:25:EC:C1:57:BB:55:43:4E:A5:16:6D:57:58:DC:4B:4F:89:0D:66:53
Key: RSA 4096 bits – SHA256
CRL: List of revoked certificates.
TSA1 ACCV 2016 | Time Sealing Authority, TSA (Valid until 25/02/2029)
Issuer ACCVRAIZ1
Hash: 2C:8D:42:33:F9:BC:80:93:4E:46:6F:0C:9F:76:41:1F:65:A5:C1:78:98:30:16:0B:66:68:59:EF:93:DE:25:66
Key: RSA 4096 bits – SHA256
Previous certificates in our hierarchy that are obsolete
You will not need these certificates as a conventional user. Only in very specific cases can expert staff come to need them.
Root CA Generalitat Valenciana | CA Raíz (expired on 01/07/2021)
Issuer: Root CA Generalitat Valenciana
Hash: 8C:4E:DF:D0:43:48:F3:22:96:9E:7E:29:A4:CD:4D:CA:00:46:55:06:1C:16:E1:B0:76:42:2E:F3:42:AD:63:0E
Key: RSA 2048 bits – SHA1
CRL: List of revoked certificates.
ACCV-CA2 | CA Subordinate for individuals (expired on 01/05/2016)
Issuer: Root CA Generalitat Valenciana
Hash: AF:2A:96:31:00:E0:AB:38:18:E0:AD:5A:D4:38:22:1D:0C:B1:E8:6C:65:5E:5E:5A:9D:D3:1C:87:57:56:43:2C
Key: RSA 2048 bits – SHA1
CRL: List of revoked certificates.
ACCV-CA1 | CA Subordinate for companies (expired on 01/05/2016)
Issuer: Root CA Generalitat Valenciana
Hash: C7:D8:33:48:A3:0A:A6:7A:79:C7:20:38:D1:EF:E5:33:18:89:E6:4D:A1:47:E2:7A:1D:8F:FE:47:AE:8C:BE:29
Key: RSA 2048 bits – SHA1
CRL: List of revoked certificates.
ACCV-CA3 | CA Subordinate for logon in Windows (expired on 17/09/2019)
Issuer: Root CA Generalitat Valenciana
Hash: D0:8E:73:76:F4:AD:17:32:EA:1E:CE:B6:6D:64:36:FA:A6:BE:E4:6C:65:4E:40:ED:DB:30:0F:59:FF:DD:E2:24
Key: RSA 2048 bits – SHA1
CRL: List of revoked certificates.
CAGVA | CA Subordinada individuals (expired on 02/09/2011)
Issuer: Root CA Generalitat Valenciana
Hash: 9D:AE:71:05:BD:9A:45:07:D2:78:21:01:FD:23:19:10:88:3E:22:27:26:47:0E:2D:98:33:3B:68:7F:9A:4F:63
Key: RSA 2048 bits – SHA1
CRL: List of revoked certificates.
TSA1 ACCV | Time Sealing Authority, TSA (expired on 18/11/2016)
Issuer Root CA Generalitat Valenciana
Hash: 1A:72:05:4C:E9:B7:62:40:7B:ED:A5:6F:A7:C0:2D:B0:E9:6C:2D:91:0A:B3:0A:81:41:BD:3B:49:61:29:C3:72
Key: RSA 2048 bits – SHA1
What it consists of and what it is used for
Why do you need it?
- Because your device trusts your certificate by default
- So that your search engine allows you to navigate without errors
- To properly validate ACCV electronic signatures
- To trust the stamps in the time we issue
How to configure the hierarchy
Please refer to our installation manuals before setting up the certification chain or TSA on your own.
Who should configure the hierarchy or the Sealing Authority
While a few years ago the hierarchy had to be installed manually, now it is not the most common. Currently, manufacturers such as Microsoft, Apple, Mozilla, Adobe or Google or Ubuntu trust us and their state-of-the-art systems and applications come with our Certified Authorities (CAs) set up.
However , if your device is older and shows you an error message when using your certificate, or when browsing our website, there may be a reason why your certification chain is not set up correctly.
Also, if you are a system administrator or developer you may need our hierarchy for the proper functioning of servers or applications that use our certificates and that are your responsibility.
One way or another, if need help, check our manuals or contact our support team.
Which certificates to download
Which subordinate to download?
- ACCVCA-120, if your certificate is a Citizen, Entity Representative, Public Employee or Company Membership. It also applies to Organ Seal, Electronic Office, TLS / SSL, Application or VPN.
- ACCVCA-130, if your certificate is Public Employee with Pseudonym.
- ACCVCA-110, if your certificate is an entity e-seal.
- The TSA does not need a subordinate, it issues ACCVRAIZ1 directly.
How to download and install ACCV certificates
Because your system or browser trusts your certificate by default, you must download ACCVRAIZ1 with a subordinate, or with our Time Seal Authority (TSA) if we talk about time stamps to generate or validate .
01
ACCVRAIZ1
The root of our certification chain. It should always be installed on your device, because it trusts your certificates and web pages.
02
ACCVCA-120
It is the subordinate that issues more certificates and depends on the root ACCVRAIZ1. From it are issued the certificates of Citizen, Entity Representative, Public Employee and Business Membership. Also non-personal ones such as Organ Seal, Electronic Office, Application, SSL or VPN.
03
ACCVCA-130
Equally dependent on the root, issuing Public Employee Certificates with Pseudonym.
04
ACCVCA-110
Daughter of ACCVRAIZ1, she generated the entity’s e-seal certificates. We do not currently issue these certificates, but many are still valid.
05
TSA
To configure the Time Sealing Authority, you need to download this certificate, which also depends on the ACCVRAIZ1 root.
Information that could be useful
These are some of the most common questions we receive. If you do not find an answer to your question, contact us.
How much does it cost?
Downloading the hierarchy is free. While the time stamping service is also free for private use, it has an associated cost for corporate use. Contact with us if you need to know more about this service.
I have a macOS. Do I need to complete the certification chain?
Only state-of-the-art macOS computers include our default installed hierarchy. If your computer is older, you will need to download and install our certificates, as explained in this manual.
I set up the hierarchy on my macOS but my certificate doesn’t work.
Please make sure you have only modified the ACCVRAIZ1 certificate trust. The others should be left in their default settings, as explained in this manual. If the error persists despite this setting, check your antivirus or contact us.
I have an iOS. Do I need to complete the certification chain?
Only the latest generation iOS devices include our default installed hierarchy. If your device is older, you will need to download and install our certificates, as explained in this manual.
I set up the hierarchy on my iOS but my certificate doesn’t work.
First of all, make sure that your device trusts the ACCVRAIZ1 certificate. Then try changing your certificate password to a simpler one with this program. Be careful, you will need to run it on a Windows. If the error persists despite these indications, contact us.
I have a Windows. Do I need to complete the certification chain?
No. Only if you want to configure the Time Sealing Authority (TSA). In this case, you should follow the instructions in this manual.
I have an Android. Do I need to complete the certification chain?
No. Only if you want to configure the Time Sealing Authority (TSA). In this case, you should follow the instructions in this manual.
I have an Ubuntu. Do I need to complete the certification chain?
No. Only if you want to configure the Time Sealing Authority (TSA). In this case, you should follow the instructions in this manual.