diff --git a/get_revoked_keys.sh b/get_revoked_keys.sh
index f9cf6ce..756708f 100755
--- a/get_revoked_keys.sh
+++ b/get_revoked_keys.sh
@@ -15,6 +15,13 @@ clean_up() {
    exit $1
 }
 
+trim() {
+    local var="$*"
+    var="${var#"${var%%[![:space:]]*}"}"   # remove leading whitespace characters
+    var="${var%"${var##*[![:space:]]}"}"   # remove trailing whitespace characters
+    echo -n "$var"
+}
+
 fatal(){
    echo ""
    if $terminal ; then
@@ -107,11 +114,11 @@ fi
 if [[ ${#revoked_serial_arr[@]} -gt 0 ]]; then
    for _serial in ${revoked_serial_arr[@]} ; do
       _cn="$(openssl x509  -noout -text -in ${KEY_DIR}/${_serial}.pem 2> $log_file \
-         | grep -i subject | grep CN | grep -o -E "CN=[^/]*" | cut -d'=' -f2)"
+         | grep -i subject | grep CN | grep -o -E "CN\s*=\s*[^/,]+" | cut -d'=' -f2)"
       if [[ -s "$log_file" ]]; then
          error "$(cat "$log_file")"
       else
-         revoked_cn_arr+=("${_serial}:${_cn}")
+         revoked_cn_arr+=("$_serial:$(trim $_cn)")
       fi
    done
 else