diff --git a/include/opendht/crypto.h b/include/opendht/crypto.h
index efee4c0c8a1055ebfc50f46bcc98a3f98b397e03..3d4f4d52e3b802b7e8a7bf72f2b2d8d587cb194e 100644
--- a/include/opendht/crypto.h
+++ b/include/opendht/crypto.h
@@ -213,6 +213,12 @@ public:
      */
     Blob getNumber() const;
 
+    /** Read CRL issuer Common Name (CN) */
+    std::string getIssuerName() const;
+
+    /** Read CRL issuer User ID (UID) */
+    std::string getIssuerUID() const;
+
     time_point getUpdateTime() const;
     time_point getNextUpdateTime() const;
 
diff --git a/src/crypto.cpp b/src/crypto.cpp
index c320136ccd4e3cd7c969cbbe186f993a90f13ee6..0c91d885768fb3e18638bffacbd6a7a4dd1f0b2f 100644
--- a/src/crypto.cpp
+++ b/src/crypto.cpp
@@ -962,6 +962,32 @@ RevocationList::revoke(const Certificate& crt, std::chrono::system_clock::time_p
         throw CryptoException(std::string("Can't revoke certificate: ") + gnutls_strerror(err));
 }
 
+static std::string
+getCRLIssuerDN(gnutls_x509_crl_t cert, const char* oid)
+{
+    std::string dn;
+    dn.resize(512);
+    size_t dn_sz = dn.size();
+    int ret = gnutls_x509_crl_get_issuer_dn_by_oid(cert, oid, 0, 0, &(*dn.begin()), &dn_sz);
+    if (ret != GNUTLS_E_SUCCESS)
+        return {};  
+    dn.resize(dn_sz);
+    return dn;
+}
+
+std::string
+RevocationList::getIssuerName() const
+{
+    return getCRLIssuerDN(crl, GNUTLS_OID_X520_COMMON_NAME);
+}
+
+/** Read CRL issuer User ID (UID) */
+std::string
+RevocationList::getIssuerUID() const
+{
+    return getCRLIssuerDN(crl, GNUTLS_OID_LDAP_UID);
+}
+
 RevocationList::time_point
 RevocationList::getNextUpdateTime() const
 {