Is there a rate limit on OCSP requests?

Indeed, removing the -sha512 flag fixed this. Thanks.

However, if I move the -sha512 flag to the end of the line, it also works. Like so

$ openssl ocsp -noverify -issuer chain.pem -cert cert.pem -url http://ocsp.int-x1.letsencrypt.org/ -header Host ocsp.int-x1.letsencrypt.org -sha512

I will investigate a bit more. My guess it that the flag isn’t even honored at the end of the line.

Edit: Technically, if the OCSP response says this:

This Update: Dec 25 20:00:00 2015 GMT
Next Update: Jan  1 20:00:00 2016 GMT

would it be OK to say that any further OCSP requests before 2016-01-01 20:00 are essentially useless? So I can stretch the update interval beyond one day, up to a week? I just want to find the best balance.