centcom.mil
Updated:
2025-03-13 17:57:32 UTC (about a month ago)
Update now
Notices
DNSSEC Authentication Chain
RRset status
Secure (7)
- centcom.mil/A
- centcom.mil/NS
- centcom.mil/NSEC3PARAM
- centcom.mil/NSEC3PARAM
- centcom.mil/NSEC3PARAM
- centcom.mil/SOA
- centcom.mil/TXT
DNSKEY/DS/NSEC status
Secure (13)
- ./DNSKEY (alg 8, id 20326)
- ./DNSKEY (alg 8, id 26470)
- ./DNSKEY (alg 8, id 38696)
- centcom.mil/DNSKEY (alg 8, id 27213)
- centcom.mil/DNSKEY (alg 8, id 37611)
- centcom.mil/DNSKEY (alg 8, id 7615)
- centcom.mil/DNSKEY (alg 8, id 9975)
- centcom.mil/DS (alg 8, id 7615)
- centcom.mil/DS (alg 8, id 7615)
- mil/DNSKEY (alg 8, id 44341)
- mil/DNSKEY (alg 8, id 5184)
- mil/DNSKEY (alg 8, id 63500)
- mil/DS (alg 8, id 63500)
Delegation status
Secure (2)
- . to mil
- mil to centcom.mil
Notices
Errors (9)
- centcom.mil/DNSKEY (alg 8, id 27213): The DNSKEY RR was not found in the DNSKEY RRset returned by one or more servers. (214.26.165.219, 214.27.97.204, UDP_-_EDNS0_4096_D_KN)
- centcom.mil/DNSKEY (alg 8, id 37611): The DNSKEY RR was not found in the DNSKEY RRset returned by one or more servers. (214.26.165.219, 214.27.97.204, UDP_-_EDNS0_4096_D_KN)
- centcom.mil/DNSKEY (alg 8, id 9975): The DNSKEY RR was not found in the DNSKEY RRset returned by one or more servers. (214.26.71.170, UDP_-_EDNS0_4096_D_KN)
- centcom.mil/CDS has errors; select the "Denial of existence" DNSSEC option to see them.
- centcom.mil/MX has errors; select the "Denial of existence" DNSSEC option to see them.
- centcom.mil/CDNSKEY has errors; select the "Denial of existence" DNSSEC option to see them.
- centcom.mil/CNAME has errors; select the "Denial of existence" DNSSEC option to see them.
- centcom.mil/AAAA has errors; select the "Denial of existence" DNSSEC option to see them.
- z6bdn.qj0yd.centcom.mil/A has errors; select the "Denial of existence" DNSSEC option to see them.
Warnings (10)
- centcom.mil/DS (alg 8, id 7615): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- centcom.mil/DS (alg 8, id 7615): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- centcom.mil/DS (alg 8, id 7615): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- centcom.mil/DS (alg 8, id 7615): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- centcom.mil/CDS has warnings; select the "Denial of existence" DNSSEC option to see them.
- centcom.mil/MX has warnings; select the "Denial of existence" DNSSEC option to see them.
- centcom.mil/CDNSKEY has warnings; select the "Denial of existence" DNSSEC option to see them.
- centcom.mil/CNAME has warnings; select the "Denial of existence" DNSSEC option to see them.
- centcom.mil/AAAA has warnings; select the "Denial of existence" DNSSEC option to see them.
- z6bdn.qj0yd.centcom.mil/A has warnings; select the "Denial of existence" DNSSEC option to see them.
JavaScript is required to make the graph below interactive.
