Voir expiration d’un certificat :

client/serveur :
openssl x509 -in /etc/openvpn/easy-rsa/pki/issued/mon-pc-client.crt -text | grep "Not After"

CA :
openssl x509 -in /etc/openvpn/easy-rsa/pki/ca.crt -text | grep "Not After"

Tous les certificats clients/serveur :
for i in $(ls /etc/openvpn/easy-rsa/pki/issued/*.crt); do echo $i; openssl x509 -in $i -text | grep "Not After"; done

Vérifier validité certificat :
openssl verify -CAfile /etc/openvpn/easy-rsa/pki/ca.crt /etc/openvpn/easy-rsa/pki/issued/mon-pc-client.crt