display pki crl domain
Syntax
display pki crl domain domain-name [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
domain-name: Name of the PKI domain, a string of 1 to 15 characters.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use display pki crl domain to display the locally saved CRLs.
Related commands: pki domain and pki retrieval-crl.
Examples
# Display the locally saved CRLs.
<Sysname> display pki crl domain 1 Certificate Revocation List (CRL): Version 2 (0x1) Signature Algorithm: sha1WithRSAEncryption Issuer: C=CN O=abc OU=soft CN=A Test Root Last Update: Jan 5 08:44:19 2012 GMT Next Update: Jan 5 21:42:13 2012 GMT CRL extensions: X509v3 Authority Key Identifier: keyid:0F71448E E075CAB8 ADDB3A12 0B747387 45D612EC Revoked Certificates: Serial Number: 05a234448E… Revocation Date: Feb 6 12:33:22 2012 GMT CRL entry extensions:… Serial Number: 05a278445E… Revocation Date: Feb 7 12:33:22 2012 GMT CRL entry extensions:…
Table 38: Command output
Field | Description |
---|---|
Version | Version of the CRL. |
Signature Algorithm | Signature algorithm used by the CRLs. |
Issuer | CA issuing the CRLs. |
Last Update | Last update time. |
Next Update | Next update time. |
CRL extensions | Extensions of CRL. |
X509v3 Authority Key Identifier | CA issuing the CRLs. The certificate version is X.509 v3. |
keyid | ID of the public key. A CA might have multiple key pairs. This field indicates the key pair used by the CRL’s signature. |
Revoked Certificates | Revoked certificates. |
Serial Number | Serial number of the revoked certificate. |
Revocation Date | Revocation date of the certificate. |