pkiutil verify -crl <crl>
Verifies a CRL (Certificate Revocation List).
pkiutil verify -crl <crl> [-pubkey <pubkey> | -pubcert <pubcert> ]For example:
pkiutil verify -crl ca.crl -pubkey pub.pemSee below for a description of each option.
-crl <crl>
Verify the <crl> CRL, where <crl> is the name of a file containing the CRL.
Mandatory: Yes.
-pubcert <pubcert>
Verify the signature against the public key of the <pubcert> certificate, where <pubcert> is the name of a file containing the certificate.
Mandatory: When omitting the -pubkey command.
-pubkey <pubkey>
Verify the signature against the <pubkey> public key, where <pubkey> is the name of a file containing the key.
Mandatory: When omitting the -pubcert command.