Iain Morgan: > > I don't see any way to view the details of a certificate once it is > generated. Having such a capability would be very handy for debugging > purposes to check what constraints, principals, and validity interval > are associated with a given cert. openssl asn1parse, maybe?