eia.gov

Updated: 2021-12-02 23:20:28 UTC (867 days ago) Go to most recent »

DNSSEC options (hide)

|?| RR types:
|?| DNSSEC algorithms:
|?| DS digest algorithms:
|?| Denial of existence:
|?| Redundant edges:
|?| Trust anchors:
- Root zone KSK
|?| Additional trusted keys:

Notices

DNSSEC Authentication Chain

RRset status

Secure (8)

eia.gov/A
eia.gov/AAAA
eia.gov/MX
eia.gov/NS
eia.gov/SOA
eia.gov/SOA
eia.gov/TXT
eia.gov/TXT

DNSKEY/DS/NSEC status

Secure (9)

./DNSKEY (alg 8, id 14748)
./DNSKEY (alg 8, id 20326)
eia.gov/DNSKEY (alg 5, id 34806)
eia.gov/DNSKEY (alg 5, id 35626)
eia.gov/DNSKEY (alg 5, id 48502)
eia.gov/DS (alg 5, id 34806)
gov/DNSKEY (alg 8, id 6229)
gov/DNSKEY (alg 8, id 7698)
gov/DS (alg 8, id 7698)

Delegation status

Secure (2)

. to gov
gov to eia.gov

Notices

Warnings (37)

RRSIG eia.gov/A alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/A alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/A alg 5, id 34806: The value of the Signature Inception field of the RRSIG RR (2021-12-02 23:19:24+00:00) is within possible clock skew range (1 minute) of the current time (2021-12-02 23:20:28+00:00).
RRSIG eia.gov/AAAA alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/AAAA alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/AAAA alg 5, id 34806: The value of the Signature Inception field of the RRSIG RR (2021-12-02 23:19:24+00:00) is within possible clock skew range (1 minute) of the current time (2021-12-02 23:20:28+00:00).
RRSIG eia.gov/DNSKEY alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/DNSKEY alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/DNSKEY alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/DNSKEY alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/DNSKEY alg 5, id 34806: The value of the Signature Inception field of the RRSIG RR (2021-12-02 23:19:24+00:00) is within possible clock skew range (1 minute) of the current time (2021-12-02 23:20:28+00:00).
RRSIG eia.gov/DNSKEY alg 5, id 34806: The value of the Signature Inception field of the RRSIG RR (2021-12-02 23:19:24+00:00) is within possible clock skew range (1 minute) of the current time (2021-12-02 23:20:28+00:00).
RRSIG eia.gov/DNSKEY alg 5, id 35626: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/DNSKEY alg 5, id 35626: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/DNSKEY alg 5, id 48502: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/DNSKEY alg 5, id 48502: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/DNSKEY alg 5, id 48502: The value of the Signature Inception field of the RRSIG RR (2021-12-02 23:19:24+00:00) is within possible clock skew range (1 minute) of the current time (2021-12-02 23:20:28+00:00).
RRSIG eia.gov/DNSKEY alg 5, id 48502: The value of the Signature Inception field of the RRSIG RR (2021-12-02 23:19:24+00:00) is within possible clock skew range (1 minute) of the current time (2021-12-02 23:20:28+00:00).
RRSIG eia.gov/MX alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/MX alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/MX alg 5, id 34806: The value of the Signature Inception field of the RRSIG RR (2021-12-02 23:19:24+00:00) is within possible clock skew range (1 minute) of the current time (2021-12-02 23:20:28+00:00).
RRSIG eia.gov/NS alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/NS alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/NS alg 5, id 34806: The value of the Signature Inception field of the RRSIG RR (2021-12-02 23:19:24+00:00) is within possible clock skew range (1 minute) of the current time (2021-12-02 23:20:28+00:00).
RRSIG eia.gov/SOA alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/SOA alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/SOA alg 5, id 34806: The value of the Signature Inception field of the RRSIG RR (2021-12-02 23:19:24+00:00) is within possible clock skew range (1 minute) of the current time (2021-12-02 23:20:28+00:00).
RRSIG eia.gov/TXT alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/TXT alg 5, id 34806: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1).
RRSIG eia.gov/TXT alg 5, id 34806: The value of the Signature Inception field of the RRSIG RR (2021-12-02 23:19:24+00:00) is within possible clock skew range (1 minute) of the current time (2021-12-02 23:20:28+00:00).
eia.gov/DNSKEY (alg 5, id 35626): The DNSKEY RR was not found in the DNSKEY RRset returned by one or more servers. (205.254.135.9, 2607:f368:1000:1001::1009, TCP_-_EDNS0_4096_D_KN)
eia.gov/DNSKEY (alg 5, id 48502): The DNSKEY RR was not found in the DNSKEY RRset returned by one or more servers. (205.254.159.231, UDP_-_EDNS0_4096_D_KN)
eia.gov/DNSKEY: The Authoritative Answer (AA) flag was not set in the response. (205.254.135.9, 205.254.159.231, 2607:f368:1000:1001::1009, UDP_-_EDNS0_512_D_KN)
eia.gov/DNSKEY: The server responded with no OPT record, rather than with RCODE FORMERR. (205.254.135.9, 205.254.159.231, 2607:f368:1000:1001::1009, UDP_-_EDNS0_512_D_KN)
eia.gov/DS (alg 5, id 34806): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
eia.gov/DS (alg 5, id 34806): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1).
gov to eia.gov: Authoritative AAAA records exist for phantom.eia.gov, but there are no corresponding AAAA glue records.

DNSKEY legend

Full legend

	SEP bit set
	Revoke bit set
	Trust anchor

eia.gov

RRset status

Secure (8)

DNSKEY/DS/NSEC status

Secure (9)

Delegation status

Secure (2)

Notices

Warnings (37)

DNSKEY legend

See also