Check if certificate is revoked via OCSP. Free OCSP checker online.
The OCSP (Online Certificate Status Protocol) Checker queries the CA's OCSP responder to determine whether a certificate has been revoked. You provide the certificate (or the tool fetches it from a domain), and it sends an OCSP request to the URL from the cert's Authority Information Access extension. The response indicates Good, Revoked, or Unknown. Use it to verify that a cert you rely on has not been revoked, to debug revocation-related errors, or to confirm that your own cert is still valid after a potential compromise. OCSP is one of two main revocation mechanisms (the other is CRL). Some servers also use OCSP stapling, where the server caches and sends the OCSP response during the TLS handshake; this checker can test direct OCSP or help validate stapling behavior.
Online Certificate Status Protocol. The CA runs a responder that says whether a certificate is good, revoked, or unknown.
Private key compromise, domain change, or CA error. Revoked certs should not be trusted.
OCSP is a request/response for one cert; CRL is a list of revoked serials. Both are used; OCSP is more common for real-time checks.
Clients may treat the cert as valid (fail-open) or reject (fail-closed), depending on policy. Stapling can reduce dependency on CA availability.
This tool checks OCSP status. Use an OCSP stapling checker to see if the server sends a staple in the handshake.