How viable are tls attacks, assuming a signed private cert is compromised, you need network position or other things to trigger routing, no?

So for a bank, a private cert compromise is bad, for a regular low traffic website, probably not so much?