norad.mil
Updated:
2025-03-20 20:29:37 UTC (349 days ago)
Go to most recent »
Notices
DNSSEC Authentication Chain
RRset status
Secure (2)
- norad.mil/NS
- norad.mil/SOA
DNSKEY/DS/NSEC status
Secure (14)
- ./DNSKEY (alg 8, id 20326)
- ./DNSKEY (alg 8, id 26470)
- ./DNSKEY (alg 8, id 38696)
- mil/DNSKEY (alg 8, id 44341)
- mil/DNSKEY (alg 8, id 5184)
- mil/DNSKEY (alg 8, id 63500)
- mil/DS (alg 8, id 63500)
- norad.mil/DNSKEY (alg 8, id 34041)
- norad.mil/DNSKEY (alg 8, id 47095)
- norad.mil/DNSKEY (alg 8, id 48715)
- norad.mil/DS (alg 8, id 47095)
- norad.mil/DS (alg 8, id 47095)
- norad.mil/DS (alg 8, id 48715)
- norad.mil/DS (alg 8, id 48715)
Delegation status
Secure (2)
- . to mil
- mil to norad.mil
Notices
Errors (9)
- norad.mil/NSEC3PARAM: The response had an invalid RCODE (SERVFAIL). See RFC 1035, Sec. 4.1.1. (164.236.0.19, 164.236.0.20, 164.236.160.19, 164.236.160.20, UDP_-_NOEDNS_)
- norad.mil/CDS has errors; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/A has errors; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/MX has errors; select the "Denial of existence" DNSSEC option to see them.
- jz842.aqfx5.norad.mil/A has errors; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/AAAA has errors; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/CDNSKEY has errors; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/CNAME has errors; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/TXT has errors; select the "Denial of existence" DNSSEC option to see them.
Warnings (16)
- norad.mil/DS (alg 8, id 47095): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- norad.mil/DS (alg 8, id 47095): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- norad.mil/DS (alg 8, id 47095): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- norad.mil/DS (alg 8, id 47095): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- norad.mil/DS (alg 8, id 48715): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- norad.mil/DS (alg 8, id 48715): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
- norad.mil/DS (alg 8, id 48715): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- norad.mil/DS (alg 8, id 48715): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
- norad.mil/CDS has warnings; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/A has warnings; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/MX has warnings; select the "Denial of existence" DNSSEC option to see them.
- jz842.aqfx5.norad.mil/A has warnings; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/AAAA has warnings; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/CDNSKEY has warnings; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/CNAME has warnings; select the "Denial of existence" DNSSEC option to see them.
- norad.mil/TXT has warnings; select the "Denial of existence" DNSSEC option to see them.
JavaScript is required to make the graph below interactive.
