View on GitHub

DNSViz: A DNS visualization tool

lists.dns-oarc.net

DNSSEC options (hide)
  1. |?|
  2. |?|
  3. |?|
  4. |?|
  5. |?|
  6. |?|
  7. |?|
Notices
DNSSEC Authentication Chain

RRset statusRRset status

Secure (2)
  • lists.dns-oarc.net/A
  • lists.dns-oarc.net/AAAA

DNSKEY/DS/NSEC statusDNSKEY/DS/NSEC status

Secure (10)
  • ./DNSKEY (alg 8, id 14631)
  • ./DNSKEY (alg 8, id 20326)
  • ./DNSKEY (alg 8, id 42351)
  • dns-oarc.net/DNSKEY (alg 8, id 12093)
  • dns-oarc.net/DNSKEY (alg 8, id 20899)
  • dns-oarc.net/DNSKEY (alg 8, id 7638)
  • dns-oarc.net/DS (alg 8, id 20899)
  • net/DNSKEY (alg 8, id 30944)
  • net/DNSKEY (alg 8, id 35886)
  • net/DS (alg 8, id 35886)

Delegation statusDelegation status

Secure (2)
  • . to net
  • net to dns-oarc.net

NoticesNotices

Warnings (4)
  • dns-oarc.net/DS (alg 8, id 20899): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
  • dns-oarc.net/DS (alg 8, id 20899): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
  • net to dns-oarc.net: Authoritative AAAA records exist for udns1.ultradns.net, but there are no corresponding AAAA glue records.
  • net to dns-oarc.net: Authoritative AAAA records exist for udns2.ultradns.net, but there are no corresponding AAAA glue records.

DNSKEY legend

Full legend
SEP bit setSEP bit set
Revoke bit setRevoke bit set
Trust anchorTrust anchor
Download: png | svg
Warning JavaScript is required to make the graph below interactive.
DNSSEC authentication graph