1PrettyPrintCrl(1)             PKI CRL Print Tool             PrettyPrintCrl(1)
2
3
4

NAME

6       PrettyPrintCrl - reads a certificate revocation list (CRL) stored in an
7       ASCII base-64 encoded file and outputs it in a readable format.
8
9

SYNOPSIS

11       PrettyPrintCrl input-file [output-file]
12
13

DESCRIPTION

15       The PrettyPrintCrl command provides  a  command-line  utility  used  to
16       print  the  contents of a CRL stored as ASCII base-64 encoded data in a
17       file to a readable format.  The output of this command is displayed  to
18       standard output, but can be optionally saved into a specified file.
19
20

OPTIONS

22       <input-file>
23           Mandatory.  Specifies  the path to the file that contains the ASCII
24       base-64 encoded CRL.
25
26
27       <output-file>
28           Optional. Specifies the path to the file to write the CRL.
29           If the output file is not specified, the CRL information is written
30       to the standard output.
31
32

EXAMPLES

34       The  following  example  PrettyPrintCrl command takes the ASCII base-64
35       encoded CRL in the ascii_data.crl  file  and  writes  the  CRL  in  the
36       pretty-print format to the output file crl.out:
37
38
39              $ PrettyPrintCrl ascii_data.crl crl.out
40
41
42
43       For  this  example,  the base-64 encoded CRL data in the ascii_data.crl
44       looks like the following:
45
46
47              -----BEGIN X509 CRL-----
48              MIICVDCCATwCAQEwDQYJKoZIhvcNAQELBQAwTjErMCkGA1UECgwidXNlcnN5cy5y
49              ZWRoYXQuY29tIFNlY3VyaXR5IERvbWFpbjEfMB0GA1UEAwwWQ0EgU2lnbmluZyBD
50              ZXJ0aWZpY2F0ZRcNMTYwNzIyMjExMjUwWhcNMTYwNzIyMjMwMDAwWjCBiDAgAgEK
51              Fw0xNjA3MjIyMDU1MTZaMAwwCgYDVR0VBAMKAQYwIAIBCRcNMTYwNzIyMjEwMTU2
52              WjAMMAoGA1UdFQQDCgEGMCACAQgXDTE2MDcyMjIxMTIyNVowDDAKBgNVHRUEAwoB
53              ATAgAgEHFw0xNjA3MjIyMTAxNTZaMAwwCgYDVR0VBAMKAQagLzAtMB8GA1UdIwQY
54              MBaAFLs2mF1ly4jghyM3b1v3r4uK67q1MAoGA1UdFAQDAgEKMA0GCSqGSIb3DQEB
55              CwUAA4IBAQCjnwpdLVU4sg3GnOFQiHpBuWspevzj0poHQs9b4Uv17o0MC4irftkR
56              zRBVgwLvdSd5WFEUSbhWVjhS4o4w84BXdmti/+UBS+mOVNxiKqs3Z7Fxcg+mCsiH
57              SDWT3iiqZVqlPMOKDzIQGj4XeArSBK13qjNdwKzVJZlXYfwzdDtyVKBJcoETXGZ3
58              irU8RTXo7OhO6xKDAaHjzVVynjfGdIDaavl1fjwXFufwZBeiXm1zyyFSvDUdny4G
59              29NTmM2945jCESeR7DV2q1LHG/v2rzCOKTWdPdXTPCics05KzUA4S6X+mp051wkh
60              yJM2LYpV6lKV6JiczHLrgf5QcqfwSkTX
61              -----END X509 CRL-----
62
63
64
65       The CRL in pretty-print format in the crl.out file looks like the  fol‐
66       lowing:
67
68
69                  Certificate Revocation List:
70                      Data:
71                          Version:  v2
72                          Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11
73                          Issuer: CN=CA Signing Certificate,O=example.com Security Domain
74                          This Update: Friday, July 22, 2016 3:12:50 PM MDT America/Denver
75                          Next Update: Friday, July 22, 2016 5:00:00 PM MDT America/Denver
76                          Revoked Certificates:
77                              Serial Number: 0xA
78                              Revocation Date: Friday, July 22, 2016 2:55:16 PM MDT America/Denver
79                              Extensions:
80                                  Identifier: Revocation Reason - 2.5.29.21
81                                      Critical: no
82                                      Reason: CA_Compromise
83                              Serial Number: 0x9
84                              Revocation Date: Friday, July 22, 2016 3:01:56 PM MDT America/Denver
85                              Extensions:
86                                  Identifier: Revocation Reason - 2.5.29.21
87                                      Critical: no
88                                      Reason: Affiliation_Changed
89                              Serial Number: 0x8
90                              Revocation Date: Friday, July 22, 2016 3:12:25 PM MDT America/Denver
91                              Extensions:
92                                  Identifier: Revocation Reason - 2.5.29.21
93                                      Critical: no
94                                      Reason: Key_Compromise
95                              Serial Number: 0x7
96                              Revocation Date: Friday, July 22, 2016 3:01:56 PM MDT America/Denver
97                              Extensions:
98                                  Identifier: Revocation Reason - 2.5.29.21
99                                      Critical: no
100                                      Reason: Certificate_Hold
101                      Extensions:
102                          Identifier: Authority Key Identifier - 2.5.29.35
103                              Critical: no
104                              Key Identifier:
105                                  BB:36:98:5D:65:CB:88:E0:87:23:37:6F:5B:F7:AF:8B:
106                                  8A:EB:BA:B5
107                          Identifier: CRL Number - 2.5.29.20
108                              Critical: no
109                              Number: 10
110                      Signature:
111                          Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11
112                          Signature:
113                              A3:9F:0A:5D:2D:55:38:B2:0D:C6:9C:E1:50:88:7A:41:
114                              B9:6B:29:7A:FC:E3:D2:9A:07:42:CF:5B:E1:4B:F5:EE:
115                              8D:0C:0B:88:AB:7E:D9:11:CD:10:55:83:02:EF:75:27:
116                              79:58:51:14:49:B8:56:56:38:52:E2:8E:30:F3:80:57:
117                              76:6B:62:FF:E5:01:4B:E9:8E:54:DC:62:2A:AB:37:67:
118                              B1:71:72:0F:A6:0A:C8:87:48:35:93:DE:28:AA:65:5A:
119                              A5:3C:C3:8A:0F:32:10:1A:3E:17:78:0A:D2:04:AD:77:
120                              AA:33:5D:C0:AC:D5:25:99:57:61:FC:33:74:3B:72:54:
121                              A0:49:72:81:13:5C:66:77:8A:B5:3C:45:35:E8:EC:E8:
122                              4E:EB:12:83:01:A1:E3:CD:55:72:9E:37:C6:74:80:DA:
123                              6A:F9:75:7E:3C:17:16:E7:F0:64:17:A2:5E:6D:73:CB:
124                              21:52:BC:35:1D:9F:2E:06:DB:D3:53:98:CD:BD:E3:98:
125                              C2:11:27:91:EC:35:76:AB:52:C7:1B:FB:F6:AF:30:8E:
126                              29:35:9D:3D:D5:D3:3C:28:9C:B3:4E:4A:CD:40:38:4B:
127                              A5:FE:9A:9D:39:D7:09:21:C8:93:36:2D:8A:55:EA:52:
128                              95:E8:98:9C:CC:72:EB:81:FE:50:72:A7:F0:4A:44:D7
129
130
131

SEE ALSO

133       PrettyPrintCert(1), pki(1)
134
135

AUTHORS

137       Matthew Harmsen <mharmsen@redhat.com>.
138
139
141       Copyright  (c)  2016 Red Hat, Inc.  This is licensed under the GNU Gen‐
142       eral Public License, version 2 (GPLv2).  A  copy  of  this  license  is
143       available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
144
145
146
147PKI                              July 20, 2016               PrettyPrintCrl(1)
Impressum