Here's a quick tutorial on how manually look & query a CRL list for a certificate revocation status.
If you used Entrust to sign a certificate and you need to revoke it. You can retrieve the certificate serial# and the CA details from the certificate , and use the above link to query the certificate status.
Here's a certificate installed on a F5-LTM, ( take note of the hex serialnumber and the CA issuer )
Next, we pop the serial# in the query input ( after selecting l1k ) and if it's revoked, you will get the status which includes the date/time of revocation
the openssl utility is a good means also for gathering the certificate serial#,
openssl x509 -in < certificatename.crt> -noout -serial
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
=( @ @ )=