fail03.dnssec.works
Updated:
2025-05-31 11:47:37 UTC (191 days ago)
Update now
Notices
DNSSEC Authentication Chain
RRset status
Insecure (5)
- fail03.dnssec.works/A
- fail03.dnssec.works/AAAA
- fail03.dnssec.works/NS
- fail03.dnssec.works/SOA
- fail03.dnssec.works/TXT
Secure (1)
- works/SOA
DNSKEY/DS/NSEC status
Insecure (5)
- dnssec.works/DNSKEY (alg 8, id 41779)
- dnssec.works/DNSKEY (alg 8, id 63735)
- fail03.dnssec.works/DNSKEY (alg 8, id 4699)
- fail03.dnssec.works/DNSKEY (alg 8, id 8628)
- fail03.dnssec.works/DS (alg 8, id 4699)
Secure (8)
- ./DNSKEY (alg 8, id 20326)
- ./DNSKEY (alg 8, id 38696)
- ./DNSKEY (alg 8, id 53148)
- NSEC3 proving non-existence of dnssec.works/DS
- works/DNSKEY (alg 8, id 15783)
- works/DNSKEY (alg 8, id 46672)
- works/DNSKEY (alg 8, id 48606)
- works/DS (alg 8, id 46672)
Delegation status
Insecure (1)
- works to dnssec.works
Secure (2)
- . to works
- dnssec.works to fail03.dnssec.works
Notices
Errors (4)
- RRSIG fail03.dnssec.works/A alg 8, id 8628: The cryptographic signature of the RRSIG RR does not properly validate. See RFC 4035, Sec. 5.3.3.
- fail03.dnssec.works zone: The server(s) were not responsive to queries over UDP. See RFC 1035, Sec. 4.2. (37.153.96.134)
- fail03.dnssec.works/A: No response was received from the server over UDP (tried 12 times). See RFC 1035, Sec. 4.2. (37.153.96.134, UDP_-_NOEDNS_)
- fail03.dnssec.works/NS: No response was received from the server over UDP (tried 12 times). See RFC 1035, Sec. 4.2. (37.153.96.134, UDP_-_NOEDNS_)
Warnings (2)
- NSEC3 proving non-existence of dnssec.works/DS: The salt value for an NSEC3 record should be empty. See RFC 9276, Sec. 3.1.
- NSEC3 proving non-existence of dnssec.works/DS: The salt value for an NSEC3 record should be empty. See RFC 9276, Sec. 3.1.
JavaScript is required to make the graph below interactive.
