1-12
Parameters
domain-name: Name of the PKI domain, a string of 1 to 15 characters.
Description
Use the display pki crl domain command to display the locally saved CRLs.
Related commands: pki retrieval-crl, pki domain.
Examples
# Display the locally saved CRLs.
<Sysname> display pki crl domain 1
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer:
C=CN
O=abc
OU=soft
CN=A Test Root
Last Update: Jan 5 08:44:19 2004 GMT
Next Update: Jan 5 21:42:13 2004 GMT
CRL extensions:
X509v3 Authority Key Identifier:
keyid:0F71448E E075CAB8 ADDB3A12 0B747387 45D612EC
Revoked Certificates:
Serial Number: 05a234448E…
Revocation Date: Sep 6 12:33:22 2004 GMT
CRL entry extensions:…
Serial Number: 05a278445E…
Revocation Date: Sep 7 12:33:22 2004 GMT
CRL entry extensions:…
Table 1-4 display pki crl domain command output description
Field Description
Version Version of the CRLs
Signature Algorithm Signature algorithm used by the CRLs
Issuer CA issuing the CRLs
Last Update Last update time
Next Update Next update time
CRL extensions Extensions of CRL
X509v3 Authority Key Identifier
CA issuing the CRLs. The certificate version is
X.509v3.
keyid
ID of the public key
A CA may have multiple key pairs. This field
indicates the key pair used by the CRL’s
signature.
To Next Page
Loading...
Need help?
General