Because nobody has this documented it seems:
If you want to verify that your server is doing OCSP stapling, OpenSSL has you covered. Just run it like this:
$ openssl s_client -status -connect mail.startmail.com:443
CONNECTED(00000006)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = startmail.com
verify return:1
OCSP response:
======================================
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
Produced At: Apr 26 13:21:00 2020 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: 7EE66AE7729AB3FCF8A220646C16A12D6071085D
Issuer Key Hash: A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1
Serial Number: 03D8BD08D6B2BDD5EDB614264A625DC613D0
Cert Status: good
This Update: Apr 26 13:00:00 2020 GMT
Next Update: May 3 13:00:00 2020 GMT
[...]
And that’s it. You just need to add -status to get this output.