The following fields of the X.509 version 2 CRL format are used by the CAs:
Field | Description |
|---|---|
version | Set to v2 |
Signature | Identifier of the algorithm used to sign the CRL |
Issuer | The full Distinguished Name of the CA issuing the CRL |
This update | Time of CRL issuance |
Next update | Time of next expected CRL update |
Revoked certificates | List of revoked Certificate information |
Version Numbers
No stipulation.
CRL Entry Extensions
CRLs issued support the Authority Key Identifier, crlNumber, invalidityDate, and expiredCertsOnCRL extensions.