262
Related commands
• certificate request polling
• pki domain
• pki retrieve-certificate
display pki crl
Use display pki crl domain to display information about the locally saved CRLs.
Syntax
display pki crl domain domain-name
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
domain domain-name: Specifies the name of a PKI domain, a case-insensitive string of 1 to 31 characters.
The domain name cannot contain the following special characters: tilde (~), asterisk (*), backslash (\),
vertical bar (|), colon (:), dot (.), left angle bracket (<), right angle bracket (>), quotation marks ("), and
apostrophe (').
Usage guidelines
Use this command to check whether a certificate has been revoked.
Examples
# Display information about the locally saved CRLs.
<Sysname> display pki crl domain aaa
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: /C=cn/O=docm/OU=sec/CN=therootca
Last Update: Apr 28 01:42:13 2011 GMT
Next Update: NONE
CRL extensions:
X509v3 CRL Number:
6
X509v3 Authority Key Identifier:
keyid:49:25:DB:07:3A:C4:8A:C2:B5:A0:64:A5:F1:54:93:69:14:51:11:EF
Revoked Certificates:
Serial Number: CDE626BF7A44A727B25F9CD81475C004
Revocation Date: Apr 28 01:37:52 2011 GMT
CRL entry extensions:
Invalidity Date:
Apr 28 01:37:49 2011 GMT
To Next Page
Loading...
Need help?
General
