bw
Updated:
2024-10-26 20:23:51 UTC (29 days ago)
Go to most recent »
Notices
DNSSEC Authentication Chain
RRset status
Bogus (2)
- bw/NSEC3PARAM
- bw/SOA
Secure (5)
- bw/CDNSKEY
- bw/CDS
- bw/NS
- bw/NSEC3PARAM
- bw/SOA
DNSKEY/DS/NSEC status
Bogus (1)
- bw/DNSKEY (alg 13, id 19256)
Secure (5)
- ./DNSKEY (alg 8, id 20326)
- ./DNSKEY (alg 8, id 61050)
- bw/DNSKEY (alg 13, id 30113)
- bw/DNSKEY (alg 13, id 62453)
- bw/DS (alg 13, id 62453)
Delegation status
Secure (1)
- . to bw
Notices
Errors (18)
- . to bw: No valid RRSIGs made by a key corresponding to a DS RR were found covering the DNSKEY RRset, resulting in no secure entry point (SEP) into the zone. See RFC 4035, Sec. 2.2, RFC 6840, Sec. 5.11. (196.216.168.72, 2001:43f8:120::72, UDP_-_EDNS0_4096_D_KN, UDP_-_EDNS0_512_D_KN)
- RRSIG bw/CDS alg 13, id 62453: The Signature Expiration field of the RRSIG RR (2024-10-26 04:01:47+00:00) is 16 hours, 22 minutes in the past. See RFC 4035, Sec. 5.3.1.
- RRSIG bw/DNSKEY alg 13, id 62453: The Signature Expiration field of the RRSIG RR (2024-10-26 04:01:47+00:00) is 16 hours, 22 minutes in the past. See RFC 4035, Sec. 5.3.1.
- RRSIG bw/DNSKEY alg 13, id 62453: The Signature Expiration field of the RRSIG RR (2024-10-26 04:01:47+00:00) is 16 hours, 22 minutes in the past. See RFC 4035, Sec. 5.3.1.
- RRSIG bw/NS alg 13, id 19256: The Signature Expiration field of the RRSIG RR (2024-10-26 04:01:47+00:00) is 16 hours, 22 minutes in the past. See RFC 4035, Sec. 5.3.1.
- RRSIG bw/NSEC3PARAM alg 13, id 19256: The Signature Expiration field of the RRSIG RR (2024-10-26 04:01:47+00:00) is 16 hours, 22 minutes in the past. See RFC 4035, Sec. 5.3.1.
- RRSIG bw/SOA alg 13, id 19256: The Signature Expiration field of the RRSIG RR (2024-10-26 04:01:47+00:00) is 16 hours, 22 minutes in the past. See RFC 4035, Sec. 5.3.1.
- bw/CDNSKEY: No valid RRSIGs made by a key corresponding to a CDNSKEY RR were found covering the DNSKEY RRset, resulting in no secure entry point (SEP) into the zone. See RFC 4035, Sec. 2.2, RFC 6840, Sec. 5.11, RFC 7344, Sec. 3, RFC 7344, Sec. 5. (196.216.168.72, 2001:43f8:120::72, UDP_-_EDNS0_4096_D_KN, UDP_-_EDNS0_512_D_KN)
- bw/CDS: No valid RRSIGs made by a key corresponding to a CDS RR were found covering the DNSKEY RRset, resulting in no secure entry point (SEP) into the zone. See RFC 4035, Sec. 2.2, RFC 6840, Sec. 5.11, RFC 7344, Sec. 3, RFC 7344, Sec. 5. (196.216.168.72, 2001:43f8:120::72, UDP_-_EDNS0_4096_D_KN, UDP_-_EDNS0_512_D_KN)
- bw/DNSKEY (alg 13, id 19256): The DNSKEY RR was not found in the DNSKEY RRset returned by one or more servers. (168.167.98.226, 168.167.168.37, 196.216.168.72, 204.61.216.70, 2001:500:14:6070:ad::1, UDP_-_EDNS0_4096_D_KN, UDP_-_EDNS0_512_D_KN)
- bw/DNSKEY (alg 13, id 30113): The DNSKEY RR was not found in the DNSKEY RRset returned by one or more servers. (196.216.168.72, 2001:43f8:120::72, UDP_-_EDNS0_4096_D_KN, UDP_-_EDNS0_512_D_KN)
- bw/DNSKEY (alg 13, id 62453): The DNSKEY RR was not found in the DNSKEY RRset returned by one or more servers. (196.216.168.72, UDP_-_EDNS0_512_D_KN)
- bw/DS: No response was received from the server over UDP (tried 12 times). See RFC 1035, Sec. 4.2. (192.33.4.12, UDP_-_NOEDNS_)
- bw/NS: No response was received from the server over UDP (tried 12 times). See RFC 1035, Sec. 4.2. (192.33.4.12, UDP_-_NOEDNS_)
- bw/CNAME has errors; select the "Denial of existence" DNSSEC option to see them.
- bw/DNSKEY has errors; select the "Denial of existence" DNSSEC option to see them.
- bw/DS has errors; select the "Denial of existence" DNSSEC option to see them.
- qkc4v.3f8ym.bw/A has errors; select the "Denial of existence" DNSSEC option to see them.
Warnings (5)
- bw/DS (alg 13, id 62453): The server appears to support DNS cookies but did not return a COOKIE option. See RFC 7873, Sec. 5.2.3. (2001:500:2f::f, UDP_-_EDNS0_4096_D_KN)
- bw/DS (alg 13, id 62453): The server appears to support DNS cookies but did not return a COOKIE option. See RFC 7873, Sec. 5.2.3. (2001:500:2f::f, UDP_-_EDNS0_4096_D_KN)
- bw/CNAME has warnings; select the "Denial of existence" DNSSEC option to see them.
- bw/DS has warnings; select the "Denial of existence" DNSSEC option to see them.
- qkc4v.3f8ym.bw/A has warnings; select the "Denial of existence" DNSSEC option to see them.
JavaScript is required to make the graph below interactive.
