Yubico Object ID (OID) Arc

The arc from Yubico’s OID is described in this guide. Object IDentifiers (OIDs) are a standardized method for naming objects, concepts, or persistent nameable things. The arc defines the subtree from Yubico’s OID. Each node (the number between each dot) in the OID, identifies the controlling authority for that node.

Yubico’s private enterprise OID is:

Where - - identifies the authorities: iso.identified-organization.dod.internet.private.enterprise

41482 - identifies Yubico

The Yubico OID including the arc, has the format:


xx.xx - are numbers that assigns a Yubico product type and attributes that are relevant to the product type. This can include physical type, certificate extensions, class, or other attribute. Also, depending upon the product type, the second node is not always used.

OID Product Arc

Base Prefix

The values in the table are added to the Yubico OID to identify the Yubico product type.

For the Form Factor OID, it matches the values for form factors listed in the Configuration Reference.

Yubico OID Allocation Arc Values

Within that arc, Yubico has a number of allocations. For each Sub-tree identified, additional OIDs are included to provide relevant details.

For attribute subtree values of the products, see their respective chapters.

Number Description
1 U2F Device Type Sub-tree
2 U2F Device Identifier
3 PIV attestation Sub-tree
4 YubiCrypt attestation Sub-tree
5 OpenPGP attestation
6 Yk Quorum attestation Sub-tree
10 LDAP Classes
11 LDAP Attributes
13 FIDO Attributes Sub-tree

Sample OID with Product Type This represents an OID containted in an Attestation certificate for FIDO by Yubico. Within this certificate, each OID will include details specific to the FIDO credential and attestation certificate.