Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

show security pki crl

Syntax

show security pki crl<brief | detail><ca-profile ca-profile-name>

Release Information

Command introduced in Junos OS Release 8.1.

Description

Display information about the certificate revocation lists (CRLs) that are stored in the router.

Options

none

(same as brief) Display information about all CRLs.

brief | detail

(Optional) Display the specified level of output.

ca-profile ca-profile-name

(Optional) Display CRL information about only the specified CA profile.

Required Privilege Level

view

 

Related Documentation

 

List of Sample Output

show security pki crl
show security pki crl detail

Output Fields

Table 1 shows the output fields for the show security pki crl command. Output fields are listed in the approximate order in which they appear.

Table 1: show security pki crl Output Fields

Field Name

Field Description

Level of Output

CA profile

Name of the configured CA profile.

All levels

CRL version

Revision number of the certificate revocation list.

All levels

CRL number

Number of the certificate revocation list

All levels

CRL Issuer

Device that was issued the certificate revocation list.

All levels

Issuer

Details of the digital certificate holder organized using the distinguished name format. Possible subfields are:

  • Common name—Name of the authority.
  • Organization—Organization of origin.
  • Organizational unit—Department within an organization.
  • State—State of origin.
  • Country—Country of origin.

detail

Effective date

Date and time the certificate revocation list becomes valid.

All levels

Next update

Date and time the router will download the latest version of the certificate revocation list.

All levels

Revocation List

List of digital certificates that have been revoked before their expiration date. Values are:

  • Serial number—Unique serial number of the digital certificate
  • Revocation date—Date and time that the digital certificate was revoked.

detail

Sample Output

show security pki crl

CA profile entrust
	CRL version: V2
	CRL number: 24
	CRL issuer: C=CA, O=juniper
	Effective date: 2006 May 31st, 05:35:25 GMT
	Next update: 2006 Jun 1st, 06:35:25 GMT

show security pki crl detail

CA profile: entrust 
	CRL version: V2 
	CRL number: 24 
	Issuer: 
		Organization: juniper, Country: ca 
	Validity: 
		Effective date: 2006 May 31st, 05:35:25 GMT 
		Next update: 2006 Jun 1st, 06:35:25 GMT 
	Revocation List: 
		Serial number      Revocation date 
		4451aca3 2006      May 25th, 09:13:38 GMT 
		4451aca4 2006      May 25th, 10:11:33 GMT 
		4451acb4 2006      May 29th, 11:28:54 GMT 
		4451aceb 2006      May 29th, 11:29:01 GMT 
		4451acfe 2006      May 29th, 11:29:17 GMT 
		4451acff 2006      May 31st, 05:29:55 GMT

Published: 2013-08-29

Supported Platforms

 

Related Documentation

 

Published: 2013-08-29

Previous Page Next Page