If the certificate doesn't specify CRL distribution points, then (as far as I'm aware) browsers and other certificate validators should have no qualms about validating the certificate. The Root CA won't have a CRL, but the several of Subordinate CA's will, unless the customer operates in a closed environment then a Sub CA without a CRL
CRL is to list certificates which are valid, but are revoked. The starting point for the CRL is the CRL Distribution Point (the CDP), which is a field located in each certificate. The CDP is optional, but most well-run PKI installations include a CDP in each certificate. In the screen shot to the left, you can see the CDP we put in our iLabs (Complete) How to Configure Certificate Authority (ADCS Now our CRL Distribution Points Certificates are published locally. We need to copy them to the Issuing CA. Step 12 – Go to C:\Windows\System32\CertSrv\CertEnroll, you will find our CRL Distribution Point and AIA Certificates. Note: we need to add the CA certificate there as well RFC 3280 - Internet X.509 Public Key Infrastructure CRL Distribution Points do not have their own key pairs. If the CRL is stored in the X.500 Directory, it is stored in the Directory entry corresponding to the CRL distribution point, which may be different than the Directory entry of the CRL issuer. The reason codes associated with a distribution point MUST be specified in onlySomeReasons. CRL Distribution Points - Hewlett Packard Enterprise
If you look at a certificate (remember to look into the leaf certificate), you will find CRL paths in the CDP extension (CRL distribution point extension). You may also find the OCSP path in AIA extension ( authority information access extension ).
Apr 04, 2019
The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. The application that processes the certificate can get the location of the CRL from this extension, download the CRL and then check the revocation of this certificate.
How to Examine any Certificate Revocation List in Windows Aug 06, 2013 OID description for 2.5.29.31 - CRL Distribution Points This field identifies the CRL distribution point or points to which a certificate user should refer to ascertain if the certificate has been revoked. A certificate user can obtain a CRL from an applicable distribution point or it can obtain a current complete CRL from the CA directory entry. How to verify CRL availability and validity and test