caltech.edu

Updated: 2020-04-06 19:01:48 UTC (1480 days ago) Go to most recent »

DNSSEC options (hide)

|?| RR types:
|?| DNSSEC algorithms:
|?| DS digest algorithms:
|?| Denial of existence:
|?| Redundant edges:
|?| Trust anchors:
- Root zone KSK
|?| Additional trusted keys:

Notices

DNSSEC Authentication Chain

RRset status

Bogus (5)

caltech.edu/A
caltech.edu/MX
caltech.edu/NS
caltech.edu/SOA
caltech.edu/TXT

DNSKEY/DS/NSEC status

Bogus (3)

caltech.edu/DNSKEY (alg 8, id 3435)
caltech.edu/DNSKEY (alg 8, id 46795)
caltech.edu/DNSKEY (alg 8, id 9606)

Secure (7)

./DNSKEY (alg 8, id 20326)
./DNSKEY (alg 8, id 33853)
./DNSKEY (alg 8, id 48903)
caltech.edu/DS (alg 8, id 46795)
edu/DNSKEY (alg 8, id 28065)
edu/DNSKEY (alg 8, id 50054)
edu/DS (alg 8, id 28065)

Delegation status

Bogus (1)

edu to caltech.edu

Secure (1)

. to edu

Notices

Errors (11)

RRSIG caltech.edu/A alg 8, id 3435: The Signature Expiration field of the RRSIG RR (2020-04-06 11:05:09+00:00) is 7 hours, 56 minutes in the past.
RRSIG caltech.edu/DNSKEY alg 8, id 3435: The Signature Expiration field of the RRSIG RR (2020-04-06 18:43:28+00:00) is 18 minutes in the past.
RRSIG caltech.edu/DNSKEY alg 8, id 3435: The Signature Expiration field of the RRSIG RR (2020-04-06 18:43:28+00:00) is 18 minutes in the past.
RRSIG caltech.edu/DNSKEY alg 8, id 3435: The Signature Expiration field of the RRSIG RR (2020-04-06 18:43:28+00:00) is 18 minutes in the past.
RRSIG caltech.edu/DNSKEY alg 8, id 46795: The Signature Expiration field of the RRSIG RR (2020-04-06 18:43:28+00:00) is 18 minutes in the past.
RRSIG caltech.edu/DNSKEY alg 8, id 46795: The Signature Expiration field of the RRSIG RR (2020-04-06 18:43:28+00:00) is 18 minutes in the past.
RRSIG caltech.edu/DNSKEY alg 8, id 46795: The Signature Expiration field of the RRSIG RR (2020-04-06 18:43:28+00:00) is 18 minutes in the past.
RRSIG caltech.edu/MX alg 8, id 3435: The Signature Expiration field of the RRSIG RR (2020-04-06 10:08:13+00:00) is 8 hours, 53 minutes in the past.
RRSIG caltech.edu/NS alg 8, id 3435: The Signature Expiration field of the RRSIG RR (2020-04-06 12:11:55+00:00) is 6 hours, 49 minutes in the past.
RRSIG caltech.edu/TXT alg 8, id 3435: The Signature Expiration field of the RRSIG RR (2020-04-06 11:05:09+00:00) is 7 hours, 56 minutes in the past.
edu to caltech.edu: No valid RRSIGs made by a key corresponding to a DS RR were found covering the DNSKEY RRset, resulting in no secure entry point (SEP) into the zone. (131.215.139.100, 131.215.254.99, 131.215.254.100, 131.243.64.3, 204.67.3.2, 2620:83:8000:140::3, UDP_-_EDNS0_4096_D_K)

Warnings (2)

caltech.edu/DS (alg 8, id 46795): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
caltech.edu/DS (alg 8, id 46795): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).

DNSKEY legend

Full legend

	SEP bit set
	Revoke bit set
	Trust anchor

caltech.edu

RRset status

Bogus (5)

DNSKEY/DS/NSEC status

Bogus (3)

Secure (7)

Delegation status

Bogus (1)

Secure (1)

Notices

Errors (11)

Warnings (2)

DNSKEY legend

See also