RADIUS attribute from rfc5904

---

PKM-SS-Cert

The PKM-SS-Cert Attribute is variable length and MAY be
      transmitted in the Access-Request message.  The Value field is of
      type string and contains the X.509 certificate  binding a
      public key to the identifier of the Subscriber Station.

      The minimum size of an SS certificate exceeds the maximum size of
      a RADIUS attribute.  Therefore, the client MUST encapsulate the
      certificate in the Value fields of two or more instances of the
      PKM-SS-Cert Attribute, each (except possibly the last) having a
      length of 255 octets.  These multiple PKM-SS-Cert Attributes MUST
      appear consecutively and in order within the packet.  Upon
      receipt, the RADIUS server MUST recover the original certificate
      by concatenating the Value fields of the received PKM-SS-Cert
      Attributes in order.

   A summary of the PKM-SS-Cert Attribute format is shown below.  The
   fields are transmitted from left to right.

                          1                   2
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |    Type       |      Len      |    Value...
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Type

      137 for PKM-SS-Cert

   Len

      > 2

   Value

      The Value field is variable length and contains a (possibly
      complete) portion of an X.509 certificate.

---