DNSSEC Analyzer - CRT2014-2024REVIEW.GOV

Back to Verisign Labs Tools

Domain Name:

Detail: more(+) / less(-)

Time: 2018-12-18 20:01:34 UTC, NTP stratum 4

Analyzing DNSSEC problems for CRT2014-2024REVIEW.GOV

DS=19036/SHA-256 is now in the chain-of-trust

DS=20326/SHA-256 is now in the chain-of-trust

	Checking DS between Trust Anchor and .
	`. IN DS ( 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5 )`
	`. IN DS ( 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d )`
	Query to h.root-servers.net for ./DNSKEY
	Error querying h.root-servers.net/2001:500:1:0:0:0:0:53 for ./DNSKEY: 'IPv6 transport disabled'
	Received 1139 bytes from 198.97.190.53
	;; Answer received from 198.97.190.53 (1139 bytes) ;; HEADER SECTION ;; id = 4451 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 4 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; . IN DNSKEY ;; ANSWER SECTION (4 records) . 172800 IN DNSKEY ( 256 3 8 AwEAAdp440E6Mz7c+Vl4sPd0lTv2Qnc85dTW64j0RDD7sS/zwxWDJ3QRES2VKDO0OXLMqVJSs2YC CSDKuZXpDPuf++YfAu0j7lzYYdWTGwyNZhEaXtMQJIKYB96pW6cRkiG2Dn8S2vvo/PxW9PKQsyLb td8PcwWglHgReBVp7kEv/Dd+3b3YMukt4jnWgDUddAySg558Zld+c9eGWkgWoOiuhg4rQRkFstMX 1pRyOSHcZuH38o1WcsT4y3eT0U/SR6TOSLIB/8Ftirux/h297oS7tCcwSPt0wwry5OFNTlfMo8v7 WGurogfk8hPipf7TTKHIi20LWen5RCsvYsQBkYGpF78= ) ; Key ID = 2134 . 172800 IN DNSKEY ( 257 3 8 AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI0 EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/Q Zxkjf5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hO A2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8 ONGcLmqrAmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0= ) ; Key ID = 19036 . 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; Key ID = 20326 . 172800 IN RRSIG ( DNSKEY 8 0 172800 20181231000000 20181210000000 20326 . oZ1v3JnBSPHWf2HXeAyoqW/lTUP0FAs1tcEQOM47KD3Rb1qHySTbGhh0rTclRlm86GKUlPSiPaF3 zkJ5h46Nazo3r5iAqorjQ1FQD69AgLXpdEIrnzkC3tTTZv+h+Qi2/UosrzoPQnWj3pIdvZvcP5W2 T6nlP7PN5EP2LSeQzLxT8sOUGsBt0iDiGtqm+bN0mKxKdV4599g0+83FtubMG5oYWUBpMJ/os956 uvW/Vg2cwv3/m9X/cX38svYEcAbniXnyqT88+wqPBMA782tUu1AU1tb9QyMt0LcmsDgjrBWl38SG r/LvaNxHMrfU7ymNuEj6NeLBhNfuDEaz0zBRtQ== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found 3 DNSKEY records for .
	`. 172800 IN DNSKEY ( 256 3 8 AwEAAdp440E6Mz7c+Vl4sPd0lTv2Qnc85dTW64j0RDD7sS/zwxWDJ3QRES2VKDO0OXLMqVJSs2YC CSDKuZXpDPuf++YfAu0j7lzYYdWTGwyNZhEaXtMQJIKYB96pW6cRkiG2Dn8S2vvo/PxW9PKQsyLb td8PcwWglHgReBVp7kEv/Dd+3b3YMukt4jnWgDUddAySg558Zld+c9eGWkgWoOiuhg4rQRkFstMX 1pRyOSHcZuH38o1WcsT4y3eT0U/SR6TOSLIB/8Ftirux/h297oS7tCcwSPt0wwry5OFNTlfMo8v7 WGurogfk8hPipf7TTKHIi20LWen5RCsvYsQBkYGpF78= ) ; Key ID = 2134`
	`. 172800 IN DNSKEY ( 257 3 8 AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI0 EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/Q Zxkjf5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hO A2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8 ONGcLmqrAmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0= ) ; Key ID = 19036`
	`. 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; Key ID = 20326`
	DNSKEY=19036/SEP is now in the chain-of-trust
	DS=19036/SHA-256 verifies DNSKEY=19036/SEP
	DNSKEY=20326/SEP is now in the chain-of-trust
	DS=20326/SHA-256 verifies DNSKEY=20326/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`. 172800 IN RRSIG ( DNSKEY 8 0 172800 20181231000000 20181210000000 20326 . oZ1v3JnBSPHWf2HXeAyoqW/lTUP0FAs1tcEQOM47KD3Rb1qHySTbGhh0rTclRlm86GKUlPSiPaF3 zkJ5h46Nazo3r5iAqorjQ1FQD69AgLXpdEIrnzkC3tTTZv+h+Qi2/UosrzoPQnWj3pIdvZvcP5W2 T6nlP7PN5EP2LSeQzLxT8sOUGsBt0iDiGtqm+bN0mKxKdV4599g0+83FtubMG5oYWUBpMJ/os956 uvW/Vg2cwv3/m9X/cX38svYEcAbniXnyqT88+wqPBMA782tUu1AU1tb9QyMt0LcmsDgjrBWl38SG r/LvaNxHMrfU7ymNuEj6NeLBhNfuDEaz0zBRtQ== )`
	RRSIG=20326 and DNSKEY=20326/SEP verifies the DNSKEY RRset
	DNSKEY=2134 is now in the chain-of-trust
	Query to i.root-servers.net for CRT2014-2024REVIEW.GOV/A
	Received 680 bytes from 192.36.148.17
	;; Answer received from 192.36.148.17 (680 bytes) ;; HEADER SECTION ;; id = 58136 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 7 arcount = 9 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (7 records) gov. 172800 IN NS b.gov-servers.net. gov. 172800 IN NS a.gov-servers.net. gov. 172800 IN NS c.gov-servers.net. gov. 172800 IN NS d.gov-servers.net. gov. 86400 IN DS 7698 8 1 6f109b46a80cea9613dc86d5a3e065520505aafe gov. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 ) gov. 86400 IN RRSIG ( DS 8 1 86400 20181231170000 20181218160000 2134 . XPTxZUXz06MeQZ+WtxjkclcbDHciQXSgXJgAlVKv0m4rLpA08q3BvOb/IeDt2dqOltxrRnhUQCXe bWabN8yKworRq5VNoywxBbV3ChT4je19pKIvXpskswJReYPC8meWuBWXtJm/r2NTVHW1hvAHlU3d 5QJMEPEOkcqQwZT0U0cp3Po+k+qLphXwZTMrvHdqyi7S6KjErBlYSkiy2ffCvEiRPoCuqkwvqs30 yO3bIMMc/nUCSF5yTKGk27pNx+QejkwxGFqlqgrN3yRpGtyzLlWhS12hkcV890SL5ahclNhJwgYX Z/Mv0A+Lh6qO5nn6kpS/lngCvkpC2hMIZW42sA== ) ;; ADDITIONAL SECTION (9 records) a.gov-servers.net. 172800 IN A 69.36.157.30 a.gov-servers.net. 172800 IN AAAA 2001:500:4431::2:30 b.gov-servers.net. 172800 IN A 209.112.123.30 b.gov-servers.net. 172800 IN AAAA 2620:74:27::2:30 c.gov-servers.net. 172800 IN A 69.36.153.30 c.gov-servers.net. 172800 IN AAAA 2620:74:28::2:30 d.gov-servers.net. 172800 IN A 81.19.194.30 d.gov-servers.net. 172800 IN AAAA 2620:74:29::2:30 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to i.root-servers.net for GOV/DNSKEY
	Received 661 bytes from 192.36.148.17
	;; Answer received from 192.36.148.17 (661 bytes) ;; HEADER SECTION ;; id = 59037 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 7 arcount = 9 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; GOV. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (7 records) gov. 172800 IN NS c.gov-servers.net. gov. 172800 IN NS b.gov-servers.net. gov. 172800 IN NS d.gov-servers.net. gov. 172800 IN NS a.gov-servers.net. gov. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 ) gov. 86400 IN DS 7698 8 1 6f109b46a80cea9613dc86d5a3e065520505aafe gov. 86400 IN RRSIG ( DS 8 1 86400 20181231170000 20181218160000 2134 . XPTxZUXz06MeQZ+WtxjkclcbDHciQXSgXJgAlVKv0m4rLpA08q3BvOb/IeDt2dqOltxrRnhUQCXe bWabN8yKworRq5VNoywxBbV3ChT4je19pKIvXpskswJReYPC8meWuBWXtJm/r2NTVHW1hvAHlU3d 5QJMEPEOkcqQwZT0U0cp3Po+k+qLphXwZTMrvHdqyi7S6KjErBlYSkiy2ffCvEiRPoCuqkwvqs30 yO3bIMMc/nUCSF5yTKGk27pNx+QejkwxGFqlqgrN3yRpGtyzLlWhS12hkcV890SL5ahclNhJwgYX Z/Mv0A+Lh6qO5nn6kpS/lngCvkpC2hMIZW42sA== ) ;; ADDITIONAL SECTION (9 records) a.gov-servers.net. 172800 IN A 69.36.157.30 a.gov-servers.net. 172800 IN AAAA 2001:500:4431::2:30 b.gov-servers.net. 172800 IN A 209.112.123.30 b.gov-servers.net. 172800 IN AAAA 2620:74:27::2:30 c.gov-servers.net. 172800 IN A 69.36.153.30 c.gov-servers.net. 172800 IN AAAA 2620:74:28::2:30 d.gov-servers.net. 172800 IN A 81.19.194.30 d.gov-servers.net. 172800 IN AAAA 2620:74:29::2:30 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found child zone GOV

GOV

	Checking DS between . and GOV
	Query to k.root-servers.net for GOV/DS
	Error querying k.root-servers.net/2001:7fd:0:0:0:0:0:1 for GOV/DS: 'IPv6 transport disabled'
	Received 403 bytes from 193.0.14.129
	;; Answer received from 193.0.14.129 (403 bytes) ;; HEADER SECTION ;; id = 29399 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; GOV. IN DS ;; ANSWER SECTION (3 records) GOV. 86400 IN DS 7698 8 1 6f109b46a80cea9613dc86d5a3e065520505aafe GOV. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 ) GOV. 86400 IN RRSIG ( DS 8 1 86400 20181231170000 20181218160000 2134 . XPTxZUXz06MeQZ+WtxjkclcbDHciQXSgXJgAlVKv0m4rLpA08q3BvOb/IeDt2dqOltxrRnhUQCXe bWabN8yKworRq5VNoywxBbV3ChT4je19pKIvXpskswJReYPC8meWuBWXtJm/r2NTVHW1hvAHlU3d 5QJMEPEOkcqQwZT0U0cp3Po+k+qLphXwZTMrvHdqyi7S6KjErBlYSkiy2ffCvEiRPoCuqkwvqs30 yO3bIMMc/nUCSF5yTKGk27pNx+QejkwxGFqlqgrN3yRpGtyzLlWhS12hkcV890SL5ahclNhJwgYX Z/Mv0A+Lh6qO5nn6kpS/lngCvkpC2hMIZW42sA== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found 2 DS records for GOV in the . zone
	DS=7698/SHA-1 has algorithm RSASHA256
	DS=7698/SHA-256 has algorithm RSASHA256
	Found 1 RRSIGs over DS RRset
	`GOV. 86400 IN RRSIG ( DS 8 1 86400 20181231170000 20181218160000 2134 . XPTxZUXz06MeQZ+WtxjkclcbDHciQXSgXJgAlVKv0m4rLpA08q3BvOb/IeDt2dqOltxrRnhUQCXe bWabN8yKworRq5VNoywxBbV3ChT4je19pKIvXpskswJReYPC8meWuBWXtJm/r2NTVHW1hvAHlU3d 5QJMEPEOkcqQwZT0U0cp3Po+k+qLphXwZTMrvHdqyi7S6KjErBlYSkiy2ffCvEiRPoCuqkwvqs30 yO3bIMMc/nUCSF5yTKGk27pNx+QejkwxGFqlqgrN3yRpGtyzLlWhS12hkcV890SL5ahclNhJwgYX Z/Mv0A+Lh6qO5nn6kpS/lngCvkpC2hMIZW42sA== )`
	RRSIG=2134 and DNSKEY=2134 verifies the DS RRset
	DS=7698/SHA-1 is now in the chain-of-trust
	`GOV. 86400 IN DS 7698 8 1 6f109b46a80cea9613dc86d5a3e065520505aafe`
	`GOV. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 )`
	Query to d.gov-servers.net for GOV/DNSKEY
	Received 743 bytes from 81.19.194.30
	;; Answer received from 81.19.194.30 (743 bytes) ;; HEADER SECTION ;; id = 6323 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option: ;; QUESTION SECTION (1 record) ;; GOV. IN DNSKEY ;; ANSWER SECTION (3 records) GOV. 86400 IN DNSKEY ( 256 3 8 AQOzQCL1fIfPdHz2b/lMEAyj5l7JieIaa1GJ1/KDBE80I/FgASeN5ekMXj8XwPdLS38aXq4M67zu locw3A3YjP8qGvR8EZTClRKoFWfQSFyroyXq5w2GN2ir8gxXMwRcIcSg5AVK+3uGMLNRdwVXZB27 GlaqF75saOfj2hP7t2bs6Q== ) ; Key ID = 40499 GOV. 86400 IN DNSKEY ( 257 3 8 AQO8daaz7B+yshOfL60rytKd9aOSujgponEw3fwBMEC3/+e9XzHw2k+VKnbJTZ+QaVtpfUd1q9HK ZIv/ck83Gl5TjYKE5jtUZ2kpEDZfVNGv6yx0smtWAXv1nCJS9ohnyOTd397eMojGDHqkEC+uojES cZheEkMxzgCZwDAs+/CSU7mSuHtCRZn19xlZUd5Gv7yDQ3mbOUwuy30oSk0z1Q5UUPpoihOugIZH FX6Jk7NLiW2wlqfq9qhV4zj7TiBiJY0mCc4zHN8/aq2VKDHp2Na7mWzvKyTy+SYQkBQ/08LbPwj9 YMc+uCzKL6sU/ObHv17EFhD8aPDftTHZvV9L+OZr ) ; Key ID = 7698 GOV. 86400 IN RRSIG ( DNSKEY 8 1 86400 20181223224731 20181208224231 7698 gov. Il/96qUKHNn0ZAOoV2App1UfZY1xcWWeHbsbv5fP6NDWPYyMAXR53AvffkiU6HPQtAciq1hHHgln aZ8jfWnDvffBADBaTioeblHVk9JboOUnoVITbsDBTCfZQG7EIn/nfhMy6h/1HJpdkuWshZ7eH+93 c2csPFAPAbF/8qfgixdkl4juvcDdugrXFmWC7A6ns3cjRZeCUd/RLt1SiNG7RjOndb/GGoQcAEDS X+2tJEurPUgMosqtvLk9HHvv3eLAJxy6i184vnN+jMsm1/WEkiK9nW4LCGSamux+LLBvTqfEhQE1 2zZ946dysmZh8czhq4myhgq6pZD08A4Nb7eGnw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option:
	Found 2 DNSKEY records for GOV
	`GOV. 86400 IN DNSKEY ( 256 3 8 AQOzQCL1fIfPdHz2b/lMEAyj5l7JieIaa1GJ1/KDBE80I/FgASeN5ekMXj8XwPdLS38aXq4M67zu locw3A3YjP8qGvR8EZTClRKoFWfQSFyroyXq5w2GN2ir8gxXMwRcIcSg5AVK+3uGMLNRdwVXZB27 GlaqF75saOfj2hP7t2bs6Q== ) ; Key ID = 40499`
	`GOV. 86400 IN DNSKEY ( 257 3 8 AQO8daaz7B+yshOfL60rytKd9aOSujgponEw3fwBMEC3/+e9XzHw2k+VKnbJTZ+QaVtpfUd1q9HK ZIv/ck83Gl5TjYKE5jtUZ2kpEDZfVNGv6yx0smtWAXv1nCJS9ohnyOTd397eMojGDHqkEC+uojES cZheEkMxzgCZwDAs+/CSU7mSuHtCRZn19xlZUd5Gv7yDQ3mbOUwuy30oSk0z1Q5UUPpoihOugIZH FX6Jk7NLiW2wlqfq9qhV4zj7TiBiJY0mCc4zHN8/aq2VKDHp2Na7mWzvKyTy+SYQkBQ/08LbPwj9 YMc+uCzKL6sU/ObHv17EFhD8aPDftTHZvV9L+OZr ) ; Key ID = 7698`
	DNSKEY=7698/SEP is now in the chain-of-trust
	DS=7698/SHA-1 verifies DNSKEY=7698/SEP
	DS=7698/SHA-256 verifies DNSKEY=7698/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`GOV. 86400 IN RRSIG ( DNSKEY 8 1 86400 20181223224731 20181208224231 7698 gov. Il/96qUKHNn0ZAOoV2App1UfZY1xcWWeHbsbv5fP6NDWPYyMAXR53AvffkiU6HPQtAciq1hHHgln aZ8jfWnDvffBADBaTioeblHVk9JboOUnoVITbsDBTCfZQG7EIn/nfhMy6h/1HJpdkuWshZ7eH+93 c2csPFAPAbF/8qfgixdkl4juvcDdugrXFmWC7A6ns3cjRZeCUd/RLt1SiNG7RjOndb/GGoQcAEDS X+2tJEurPUgMosqtvLk9HHvv3eLAJxy6i184vnN+jMsm1/WEkiK9nW4LCGSamux+LLBvTqfEhQE1 2zZ946dysmZh8czhq4myhgq6pZD08A4Nb7eGnw== )`
	RRSIG=7698 and DNSKEY=7698/SEP verifies the DNSKEY RRset
	DNSKEY=40499 is now in the chain-of-trust
	Query to d.gov-servers.net for CRT2014-2024REVIEW.GOV/A
	Error querying d.gov-servers.net/2620:74:29:0:0:0:2:30 for CRT2014-2024REVIEW.GOV/A: 'IPv6 transport disabled'
	Received 438 bytes from 81.19.194.30
	;; Answer received from 81.19.194.30 (438 bytes) ;; HEADER SECTION ;; id = 36822 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 5 arcount = 5 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (5 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 3600 IN DS ( 13106 8 2 2045dd42254ed1156f5d0cfeb0780625f1433b082d5c5820798e7636b8683e7c ) CRT2014-2024REVIEW.GOV. 3600 IN DS ( 38870 8 2 117689168e7b9f10a880196f033eae57315e8029768f799095a9aa97192b9134 ) CRT2014-2024REVIEW.GOV. 3600 IN RRSIG ( DS 8 2 3600 20181225161007 20181218161007 40499 gov. RkMPcVk3p1IOP8KCq0rel3OOQqPwJwKXhCUGGA51WZvQhQUJfyX8wgHR6wmSsceyvdQoXsE+/aFv TYBo9kVCEp9I11TsdBq44Oun0GiPNUDavWOikjh4X9t2PNh1CH9Ll3ATjbPP8BJDqOPeDJgpMcSu CFn3ovOpHVMvMaZqj9o= ) ;; ADDITIONAL SECTION (5 records) ns1.bpa.GOV. 86400 IN A 170.160.36.10 ns2.bpa.GOV. 86400 IN A 170.160.100.10 ns1.bpa.GOV. 86400 IN AAAA 2620:137:401a:10db::10 ns2.bpa.GOV. 86400 IN AAAA 2620:137:401b:10db::10 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option:
	Query to b.gov-servers.net for CRT2014-2024REVIEW.GOV/DNSKEY
	Received 438 bytes from 209.112.123.30
	;; Answer received from 209.112.123.30 (438 bytes) ;; HEADER SECTION ;; id = 31021 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 5 arcount = 5 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (5 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 3600 IN DS ( 13106 8 2 2045dd42254ed1156f5d0cfeb0780625f1433b082d5c5820798e7636b8683e7c ) CRT2014-2024REVIEW.GOV. 3600 IN DS ( 38870 8 2 117689168e7b9f10a880196f033eae57315e8029768f799095a9aa97192b9134 ) CRT2014-2024REVIEW.GOV. 3600 IN RRSIG ( DS 8 2 3600 20181225161007 20181218161007 40499 gov. RkMPcVk3p1IOP8KCq0rel3OOQqPwJwKXhCUGGA51WZvQhQUJfyX8wgHR6wmSsceyvdQoXsE+/aFv TYBo9kVCEp9I11TsdBq44Oun0GiPNUDavWOikjh4X9t2PNh1CH9Ll3ATjbPP8BJDqOPeDJgpMcSu CFn3ovOpHVMvMaZqj9o= ) ;; ADDITIONAL SECTION (5 records) ns1.bpa.GOV. 86400 IN A 170.160.36.10 ns2.bpa.GOV. 86400 IN A 170.160.100.10 ns1.bpa.GOV. 86400 IN AAAA 2620:137:401a:10db::10 ns2.bpa.GOV. 86400 IN AAAA 2620:137:401b:10db::10 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option:
	Found child zone CRT2014-2024REVIEW.GOV

CRT2014-2024REVIEW.GOV

	Checking DS between GOV and CRT2014-2024REVIEW.GOV
	Query to d.gov-servers.net for CRT2014-2024REVIEW.GOV/DS
	Received 310 bytes from 81.19.194.30
	;; Answer received from 81.19.194.30 (310 bytes) ;; HEADER SECTION ;; id = 33120 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN DS ;; ANSWER SECTION (3 records) CRT2014-2024REVIEW.GOV. 3600 IN DS ( 13106 8 2 2045dd42254ed1156f5d0cfeb0780625f1433b082d5c5820798e7636b8683e7c ) CRT2014-2024REVIEW.GOV. 3600 IN DS ( 38870 8 2 117689168e7b9f10a880196f033eae57315e8029768f799095a9aa97192b9134 ) CRT2014-2024REVIEW.GOV. 3600 IN RRSIG ( DS 8 2 3600 20181225161007 20181218161007 40499 gov. RkMPcVk3p1IOP8KCq0rel3OOQqPwJwKXhCUGGA51WZvQhQUJfyX8wgHR6wmSsceyvdQoXsE+/aFv TYBo9kVCEp9I11TsdBq44Oun0GiPNUDavWOikjh4X9t2PNh1CH9Ll3ATjbPP8BJDqOPeDJgpMcSu CFn3ovOpHVMvMaZqj9o= ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option:
	Found 2 DS records for CRT2014-2024REVIEW.GOV in the GOV zone
	DS=13106/SHA-256 has algorithm RSASHA256
	DS=38870/SHA-256 has algorithm RSASHA256
	Found 1 RRSIGs over DS RRset
	`CRT2014-2024REVIEW.GOV. 3600 IN RRSIG ( DS 8 2 3600 20181225161007 20181218161007 40499 gov. RkMPcVk3p1IOP8KCq0rel3OOQqPwJwKXhCUGGA51WZvQhQUJfyX8wgHR6wmSsceyvdQoXsE+/aFv TYBo9kVCEp9I11TsdBq44Oun0GiPNUDavWOikjh4X9t2PNh1CH9Ll3ATjbPP8BJDqOPeDJgpMcSu CFn3ovOpHVMvMaZqj9o= )`
	RRSIG=40499 and DNSKEY=40499 verifies the DS RRset
	DS=13106/SHA-256 is now in the chain-of-trust
	DS=38870/SHA-256 is now in the chain-of-trust
	`CRT2014-2024REVIEW.GOV. 3600 IN DS ( 13106 8 2 2045dd42254ed1156f5d0cfeb0780625f1433b082d5c5820798e7636b8683e7c )`
	`CRT2014-2024REVIEW.GOV. 3600 IN DS ( 38870 8 2 117689168e7b9f10a880196f033eae57315e8029768f799095a9aa97192b9134 )`
	Query to ns2.bpa.GOV for CRT2014-2024REVIEW.GOV/DNSKEY
	Received 2395 bytes from 170.160.100.10
	;; Answer received from 170.160.100.10 (2395 bytes) ;; HEADER SECTION ;; id = 32424 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 1 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 8 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN DNSKEY ;; ANSWER SECTION (8 records) CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 256 3 8 AwEAAcmQPq6Yez9Peeve4rJoAkwpJM7cp7DBEfky0YyAOw1s7512JTlcak1KocG3Fnc0lipudu5P NgATcnTfbscRWdsHNvMUtNXdQ1LXipWrR6fFiq/icltJHPY4Pv6EWEnNGT3hIRfKZzucLQnfEpan anUX8uAhcgnm/2Ggu54GEGRd/lhMtR8wrr8DKlO30KJrPH/VvnDd1KjMVsN+PbwgzrNxYi6knnn7 ZZNO0cQyBnfoZCfMuPyWaC+fdEPAuB/ApFuB3SXpnCRFaV1LD3OT2Dc4nJ7TntH8Lvuz0Tju1dFO 23qK3a+rWtFpKLyrWESyhocEtnG/YUBgtbDgoFoehSE= ) ; Key ID = 24823 CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 256 3 8 AwEAAddDs/l1UT8HWFz0p0FPWYGvEl9fWrEtrlm4sC9zDkoWk9W03UGVQZACb3xLzIGx0SMSuHJs TJVga/+wxJAi58jL6zXiCEkiHZdiE/2pA/YkW87Bg87474l+cWyyv3qHkDeUkgF34ggHGq8JMSDT W5wKwoY1+DELanHHfHUcruZD73qJaMskLgpbI+ryuXixVh+cO662wVwFP1kMRMwHPPFK6e5csy01 xOAi6FWjn2AyUl6iR5vVpriRgK8VvLDcxF6S3ti7PEOKKzMK8SluJ+prSeKWDcQ7JC2STRLV//Kx B3qItAwAFpbkbdNOMSkcDvFWn+a47Q2BxC2NMaxrodE= ) ; Key ID = 60831 CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 257 3 8 AwEAAfP6qVcM0e2J4u7XsFcyJiMruL/XOLuFtq1UpklmBWDa+DCN8V0sYT2hDI4zDb2xvcm0bs4V HasncJUvH4+DNr6Ty/4upTNQfj+wiPLAkYevZHAFhF8oV2UbQLkLJ9ncxqqWx8tomwwDI1Sx+Ujs 4vUAZCvzs9P51ZwORXKAt3DauJ5zgscxQUX/lKDKshJWEB72hzKyFNmxYfC807OYwLcZxMCo1/zI 5IWuVUkySF1x3BkCycai4fMa7l4RXklydQpNYK9bqzfOvI20h+9JfCP59IWp9D4/aMDq8yht9+Ua mvkuwuokj8KYv6C6Pr7pbeW05ec7mEZcSdIu4K5f1hM= ) ; Key ID = 13106 CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 257 3 8 AwEAAbPDDTgtl4Q/phNfTJcF6LukCTbzxCUVw8EntVkhtKVHzgMTxzk/+SlsYF2wWEpudsN76HiP WvIUtAjLw/UyCw6k7V/7yVVKDZ2KrejUiEdMLydir+9XzwYIjAWFRAI5PGzOKgBZnnRbyTV53kD3 PTCkBFHPn+bdBNigSEn0aIToiA5OoabPbI0/qwv9IsQwbaOP5+Xdp0YalTqmugbcJB+zdDKgDQK/ +d0Twg1K4/mtDLaekxlwuJWai0e9XceuywZRrtOfE5zrYeP6ym2l+clzEeSBAocwHvKOZIRvaM1h G525+9Aob/3isIMY5g0JdeO49aQY9wx62l+TBS32f7E= ) ; Key ID = 52270 CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20181221170730 20181214170730 24823 crt2014-2024review.gov. GGjXKf/tlc61I2VO7pTM/OHRsD72Lu141I1LyF4zsHXAJDhHdnjUFGlPnvu4/7AwPzi5Dzo4JXHN Oeo2F1g562PzhYYvzDNTCMDCHtjLlRa/0BgoJt4Ab5wxIeeePbZ0t9gfvzaziNkIlS+adQcEcwYL xjRCsXbu6eoZtel74t3TU+tNBfFzXRm3Pb7Y1UXmGmT6EZ5wfbPgGyyi0OEjOYPihSJikcUe9VUz zSNGwmJRokZwhQxWo5pAMHf7MGuR3mUJ1Sej8QeTCol8CdGBCcx7a/Kr7E1+MwGUSOZRNRUTCxBO t+siihunDB/1Hd25Dk1O87GgEK0in6yPY/sLJQ== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20181221170730 20181214170730 60831 crt2014-2024review.gov. UJvqaAELf/snz4NUEDEIilV6CPRml8PiPAFvTBu+R47BLL8wAtQfeciMKjm7AEw2zQDikCtruXFy soh9vmKwrYV0h38Frrvf/iWCmluPeQmAG5jqAgiQoOESErbk8+zlrTuu8PO24eLKEO9VI2g2Un17 l7zoy2cNqt5LetYPwvDUd4NmGlEdV0+RdtqN7/r/5xhE0eFtR59yU3rMUSWSgqy7ltFuLJhiIdrs C0+dhVlh/X6sIOY+p5HuNJ5msNCQFXfSBb3ocoYYyqhys5X5lqdPRa6/ejhQKlp7GLFccmwg70W0 BOZ0oMfjwPN8bSbrHHyriRvP8OINoKL62d3loA== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20181221170730 20181214170730 13106 crt2014-2024review.gov. q8G7Y/K8+RERTp/zRExCTymvhlfJAW4CVttTvDyCoxnvFQM59rKBf7Oj074Vnyv2J04o4/sI36ef pg68foCZI/BuF+9V5T55E85r3ofWYg2xWvyCYj6LtzM7Sr92wPLDRzV+yVBEygQmuvb/eh6WRUfr rE86zjxG92t8jDyZo401uyf+HhteIR+itnljcznnVKkj1UTJZjkZi2GrE+TamHAxhYp7fsuujxQ1 +9bKYqawVP9PtdxYoiryPDBXCccEz6ySTSQwfhCj3KcdWgAJhfqpV8kd3x7aANyMAtgkCXe+xS1C jrVNg5nZubajZCs8wbVUaj7TILYzEaDMXB20jQ== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20181221170730 20181214170730 52270 crt2014-2024review.gov. hhSVO43/Aj7vZ2lCTM2MYrDPgRiu9DPgMWaLfRCn3r+lywnS2uovBPtOTjotKUZA6abWTl4Ow1ni kyeILnxk7MQEU6l12jTBD4UZzNMI8+A9lIgyBIIvk54gC/fLQhYVwRzaxfqe1qwK2Gmem4vPzdoP RU/B8OEhmIGLe1LLzYMVK2GfqkCWjGNC+dxBHC0otqLVRKfgXhg0GZiVSAHRMLVlVza5zDQgeOXF UhQUUDpTYfJccgwYiBk4x7CZiqGp/BmGqNMGkgUxdWtdhtY3y3FTYMp5qvAEojVcbhZxiMTDLfde 0g/urQ2rSy6S2nb2cwXV/2YFrAVvuTuXRV4ajw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found 4 DNSKEY records for CRT2014-2024REVIEW.GOV
	`CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 256 3 8 AwEAAcmQPq6Yez9Peeve4rJoAkwpJM7cp7DBEfky0YyAOw1s7512JTlcak1KocG3Fnc0lipudu5P NgATcnTfbscRWdsHNvMUtNXdQ1LXipWrR6fFiq/icltJHPY4Pv6EWEnNGT3hIRfKZzucLQnfEpan anUX8uAhcgnm/2Ggu54GEGRd/lhMtR8wrr8DKlO30KJrPH/VvnDd1KjMVsN+PbwgzrNxYi6knnn7 ZZNO0cQyBnfoZCfMuPyWaC+fdEPAuB/ApFuB3SXpnCRFaV1LD3OT2Dc4nJ7TntH8Lvuz0Tju1dFO 23qK3a+rWtFpKLyrWESyhocEtnG/YUBgtbDgoFoehSE= ) ; Key ID = 24823`
	`CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 256 3 8 AwEAAddDs/l1UT8HWFz0p0FPWYGvEl9fWrEtrlm4sC9zDkoWk9W03UGVQZACb3xLzIGx0SMSuHJs TJVga/+wxJAi58jL6zXiCEkiHZdiE/2pA/YkW87Bg87474l+cWyyv3qHkDeUkgF34ggHGq8JMSDT W5wKwoY1+DELanHHfHUcruZD73qJaMskLgpbI+ryuXixVh+cO662wVwFP1kMRMwHPPFK6e5csy01 xOAi6FWjn2AyUl6iR5vVpriRgK8VvLDcxF6S3ti7PEOKKzMK8SluJ+prSeKWDcQ7JC2STRLV//Kx B3qItAwAFpbkbdNOMSkcDvFWn+a47Q2BxC2NMaxrodE= ) ; Key ID = 60831`
	`CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 257 3 8 AwEAAfP6qVcM0e2J4u7XsFcyJiMruL/XOLuFtq1UpklmBWDa+DCN8V0sYT2hDI4zDb2xvcm0bs4V HasncJUvH4+DNr6Ty/4upTNQfj+wiPLAkYevZHAFhF8oV2UbQLkLJ9ncxqqWx8tomwwDI1Sx+Ujs 4vUAZCvzs9P51ZwORXKAt3DauJ5zgscxQUX/lKDKshJWEB72hzKyFNmxYfC807OYwLcZxMCo1/zI 5IWuVUkySF1x3BkCycai4fMa7l4RXklydQpNYK9bqzfOvI20h+9JfCP59IWp9D4/aMDq8yht9+Ua mvkuwuokj8KYv6C6Pr7pbeW05ec7mEZcSdIu4K5f1hM= ) ; Key ID = 13106`
	`CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 257 3 8 AwEAAbPDDTgtl4Q/phNfTJcF6LukCTbzxCUVw8EntVkhtKVHzgMTxzk/+SlsYF2wWEpudsN76HiP WvIUtAjLw/UyCw6k7V/7yVVKDZ2KrejUiEdMLydir+9XzwYIjAWFRAI5PGzOKgBZnnRbyTV53kD3 PTCkBFHPn+bdBNigSEn0aIToiA5OoabPbI0/qwv9IsQwbaOP5+Xdp0YalTqmugbcJB+zdDKgDQK/ +d0Twg1K4/mtDLaekxlwuJWai0e9XceuywZRrtOfE5zrYeP6ym2l+clzEeSBAocwHvKOZIRvaM1h G525+9Aob/3isIMY5g0JdeO49aQY9wx62l+TBS32f7E= ) ; Key ID = 52270`
	DNSKEY=13106/SEP is now in the chain-of-trust
	DS=13106/SHA-256 verifies DNSKEY=13106/SEP
	DS=38870/SHA-256 is published, but a corresponding DNSKEY is not
	Found 4 RRSIGs over DNSKEY RRset
	`CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20181221170730 20181214170730 24823 crt2014-2024review.gov. GGjXKf/tlc61I2VO7pTM/OHRsD72Lu141I1LyF4zsHXAJDhHdnjUFGlPnvu4/7AwPzi5Dzo4JXHN Oeo2F1g562PzhYYvzDNTCMDCHtjLlRa/0BgoJt4Ab5wxIeeePbZ0t9gfvzaziNkIlS+adQcEcwYL xjRCsXbu6eoZtel74t3TU+tNBfFzXRm3Pb7Y1UXmGmT6EZ5wfbPgGyyi0OEjOYPihSJikcUe9VUz zSNGwmJRokZwhQxWo5pAMHf7MGuR3mUJ1Sej8QeTCol8CdGBCcx7a/Kr7E1+MwGUSOZRNRUTCxBO t+siihunDB/1Hd25Dk1O87GgEK0in6yPY/sLJQ== )`
	`CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20181221170730 20181214170730 60831 crt2014-2024review.gov. UJvqaAELf/snz4NUEDEIilV6CPRml8PiPAFvTBu+R47BLL8wAtQfeciMKjm7AEw2zQDikCtruXFy soh9vmKwrYV0h38Frrvf/iWCmluPeQmAG5jqAgiQoOESErbk8+zlrTuu8PO24eLKEO9VI2g2Un17 l7zoy2cNqt5LetYPwvDUd4NmGlEdV0+RdtqN7/r/5xhE0eFtR59yU3rMUSWSgqy7ltFuLJhiIdrs C0+dhVlh/X6sIOY+p5HuNJ5msNCQFXfSBb3ocoYYyqhys5X5lqdPRa6/ejhQKlp7GLFccmwg70W0 BOZ0oMfjwPN8bSbrHHyriRvP8OINoKL62d3loA== )`
	`CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20181221170730 20181214170730 13106 crt2014-2024review.gov. q8G7Y/K8+RERTp/zRExCTymvhlfJAW4CVttTvDyCoxnvFQM59rKBf7Oj074Vnyv2J04o4/sI36ef pg68foCZI/BuF+9V5T55E85r3ofWYg2xWvyCYj6LtzM7Sr92wPLDRzV+yVBEygQmuvb/eh6WRUfr rE86zjxG92t8jDyZo401uyf+HhteIR+itnljcznnVKkj1UTJZjkZi2GrE+TamHAxhYp7fsuujxQ1 +9bKYqawVP9PtdxYoiryPDBXCccEz6ySTSQwfhCj3KcdWgAJhfqpV8kd3x7aANyMAtgkCXe+xS1C jrVNg5nZubajZCs8wbVUaj7TILYzEaDMXB20jQ== )`
	`CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20181221170730 20181214170730 52270 crt2014-2024review.gov. hhSVO43/Aj7vZ2lCTM2MYrDPgRiu9DPgMWaLfRCn3r+lywnS2uovBPtOTjotKUZA6abWTl4Ow1ni kyeILnxk7MQEU6l12jTBD4UZzNMI8+A9lIgyBIIvk54gC/fLQhYVwRzaxfqe1qwK2Gmem4vPzdoP RU/B8OEhmIGLe1LLzYMVK2GfqkCWjGNC+dxBHC0otqLVRKfgXhg0GZiVSAHRMLVlVza5zDQgeOXF UhQUUDpTYfJccgwYiBk4x7CZiqGp/BmGqNMGkgUxdWtdhtY3y3FTYMp5qvAEojVcbhZxiMTDLfde 0g/urQ2rSy6S2nb2cwXV/2YFrAVvuTuXRV4ajw== )`
	RRSIG=24823 and DNSKEY=24823 verifies the DNSKEY RRset
	RRSIG=60831 and DNSKEY=60831 verifies the DNSKEY RRset
	RRSIG=13106 and DNSKEY=13106/SEP verifies the DNSKEY RRset
	RRSIG=52270 and DNSKEY=52270/SEP verifies the DNSKEY RRset
	DNSKEY=24823 is now in the chain-of-trust
	DNSKEY=60831 is now in the chain-of-trust
	DNSKEY=52270/SEP is now in the chain-of-trust
	Query to ns2.bpa.GOV for CRT2014-2024REVIEW.GOV/A
	Received 1347 bytes from 170.160.100.10
	;; Answer received from 170.160.100.10 (1347 bytes) ;; HEADER SECTION ;; id = 34525 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 1 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN A ;; ANSWER SECTION (3 records) CRT2014-2024REVIEW.GOV. 1800 IN A 170.160.42.18 CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20181221181056 20181214181056 24823 crt2014-2024review.gov. BxDbG5XNBw4lZzHDkt4IlEJh6dqSD3MlmokM+6EQUIXpn0VfNm+OMx7HQSOWMfRbt7BJw/U1zTlm peaXZGwDU54P7Av3uryy83hxEKgwNaAXv7xvyrd5pgkh+W/jwOafQ1djphC766WgL+ijEPk7HQR/ nIHmH1OPJ4W7rPosLSQGTOvhKWSMOhsUekCFJDvn9xHdf6TW4OhBLpM0BnwulherCE+1W5U8RY0o dBFpQP5pG+ayJKnkbEvDd2fvnkHmGtD8hExiYYKksinP10jfyWo67kipTEYssy6a9CXcClU42xCL HNpxyjt1E4H9OlVKxQrFn108jeqdeaIXb6+2XA== ) CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20181222174621 20181215174621 60831 crt2014-2024review.gov. boL8JtCxwjk3r19ONud+8nfcwNgqEP0s0W942UGT8/shPtl6DK3f5trV4eiaxGRI3t4L3lMHckPF 0NMWR094iwv/UftDckCNgW+gwrRH/twZaEkV0I9v0xLs3KsQppPjY2PeLD/ijfFzcwA12vrtQrKF qt6Wk5Glmt7fkdX1dhZot8BiJGMPr6wjLNj2IzGmpxhM9mrafurPssE7jCNEhSDKanipFJOqUSZH ocpSK2x9RirXRId3mJqiJ46aUEd+Hs0oTOH6Nl4xi1xuavvYFusjyA9aIcgpyfWGbPN3QyIzFa2I C2NSTCgmAVr63vR1hS6aZyu0ucNHuINKHxH8Rg== ) ;; AUTHORITY SECTION (4 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20181221173945 20181214173945 24823 crt2014-2024review.gov. GZkzF1O7zIHp5lwwrh69VI+3qNEaniOKCLQMCKH7LfY4IelM9eiGHwjB90UW90tOApnuUk5S5mK0 5LKM2RWa07puyDX1ePvjltqDK9dpURattAabX3r0POPijDF5rTR+rwk+P06ojCwv5tpROhqZKgk7 moVt+3OHD+TYWH+lUKz1jQduTacz13Ugy6fjrPBG88pxGCt8xWupTdXYD2JFxMLvt9KoB5NXFSFx WDdAYzVrQdM5w7LPlbaLQb39EDpaWbM5tEqteZJXepE9issCbh362FmdY53hBwJqhduGKP7LPZHd 1LSdCDc3p6bV2KFE1w6qPhUHJvneOerAHbQJyg== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20181222174621 20181215174621 60831 crt2014-2024review.gov. nsd8vXMXv8E/DlvSOGumgkAW5P4Xy83cJqaSWl7sbJv5+kd+WwBrBu+uCwIjUk1pkh0yWgvrHy8l P+/B0GwOhWcXMKc94xgBEbrD/jnzpirdKCe+Ekb+erzNwmTSMM+DYJC7BUd5EUe7O0UT/qGzSLwh f1wwb6I9tSkho1/gnBed3VTHHNp3DxfFAfJ2JQzFH8UrJlm83gcTmIEA1+TutPkRInlmX8ZAPWc9 E9FsL3mPz13cErvaz5kQrYUA6L5inhyPu2cz7tNs++l14Up0KQ4fQQxqRdIPga6PLelhFuaN8sn2 cj34KsUM4j4qAuUnfhwrnhxCSFcQvc7QofljTQ== ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	CRT2014-2024REVIEW.GOV is authoritative for CRT2014-2024REVIEW.GOV
	Found RRSIG signed by crt2014-2024review.gov zone
	Query to ns2.bpa.GOV for CRT2014-2024REVIEW.GOV/SOA
	Received 1378 bytes from 170.160.100.10
	;; Answer received from 170.160.100.10 (1378 bytes) ;; HEADER SECTION ;; id = 42955 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 1 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN SOA ;; ANSWER SECTION (3 records) CRT2014-2024REVIEW.GOV. 43200 IN SOA ( ns1.bpa.GOV. hostmaster.bpa.GOV. 2018092102 ;serial 43200 ;refresh 3600 ;retry 1209600 ;expire 3600 ;minimum ) CRT2014-2024REVIEW.GOV. 43200 IN RRSIG ( SOA 8 2 43200 20181223000210 20181216000210 24823 crt2014-2024review.gov. O+wJMRjhRHrJ9Tt8H9Vfb4TUyUkfG/cVPVfAc2Y88wdQt8qxvIOg/D6qpHEzbvlZVvQpStVHDkNU mJ7uIrwUxKwRtwdRoTCSi0BjaD195cC/KyPeFuuujFjQgn0eoiN14CYJXCkIH20N+rfvszAY8MXm sCb3INacB2Ey73fVQsvFDOiL0U2hQrSM1r4rL9dpekit0jbvlBSp58IFVPBn8YOsZZhKvPm740P5 Te2/jtbYmVLYYh7ErIIadgzAZM6AM+JweS+IrevrCtn7dat19NzkDnFtkhgwUa34ObIpUYdpp8N9 eEWNgy2VAtb1vO+yplpzM56jC4F9K23KqJYYQg== ) CRT2014-2024REVIEW.GOV. 43200 IN RRSIG ( SOA 8 2 43200 20181223000210 20181216000210 60831 crt2014-2024review.gov. HY9FifMShSLUnpmbF7qIvY0cipoodmwcWv3rHGrHdlZxqmrgWG4lXbDQxkFDTt16UXDln7yHkUBJ X1IL7VtVhqponZW4Q+IRHha38vIYNTyu4lF2XCPZsMsatINFcs7bik0fznyndhBsbbAIqDkRrlvo ROz6rq1QIVYFZu0zg2Ui/Qx0MnVWzICF5e29ZTllCDiI844HhN2WqVOGQVHaLK9dukYkQ5EvR3Tj W5CE7QR9Z1n3tB1SkoTnOQXGEl3IG1+cHtt4iKDwwCvFSYBFLQi9IumHzSC+/tSFTocHR4A70sGX CYWAg6gMOswMr76T6uK0pLNPLcf8cwhANhUTJA== ) ;; AUTHORITY SECTION (4 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20181221203802 20181214203802 24823 crt2014-2024review.gov. MwhhMYv7AWbxDhjo08mzDHP7QiZXxyoufe3VGFbQ4qU1mI7xtdc52n9IPiDOiV5/ouMYTWc48CeE sAhorA1xSwSaKKKlsnOEQn/H/hyoJuNpwWqA+TpZK0oV2oaZHrIrUOdwaF6AZJJV2uOB58brzFSg BkDY7Nm8GYA/co6jWXM3hb1f258U0fdcpt4/ykur+BbXcqSDQfrOcNI3pJBwi8geGqSn6BTZhjfI /1rsOi/oScD3avT+oGab4bI7VR1WKJOD8SgmMZX/FL4LlLXgBaohkCz6bpAA56FiDbBbijXjJA2x XJyL7W8f6nIsW2woFylC2Px8X6/w3FVVxiUMog== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20181222174251 20181215174251 60831 crt2014-2024review.gov. kKgyo2sNXyGY7m03lYs+/kLZY6IHCiU8Gkts4+9OhMv4Lb22WFQv9O0Er2YqtrGeDtKkIfFOdI5j m6O/R7Pb9JlEvX5+1D/bVmWrwaInF3kSj8XqL//Lu85mpkQHKH5UTG9CKMf/aMICIe397BcTfov8 0SRg1dgJIzIQTmc7xT4Shxkk3uD3V0i38CJ5D67fvLwSQ2rvSMt2TkUPkEFb7njxiHWlZV+aLqrl FKksskyxCMUIgfGIwcKpGt87EHe81vkuYPzfkkYRKgMkDlQ/BUZVHUpZMdlly//UKvphUB+g5jVg MzR5dUkI4HMcYF/RK+8Fg4/B60wDPKtlM7Es4Q== ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to ns1.bpa.GOV for CRT2014-2024REVIEW.GOV/SOA
	Received 1378 bytes from 170.160.36.10
	;; Answer received from 170.160.36.10 (1378 bytes) ;; HEADER SECTION ;; id = 34535 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 1 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN SOA ;; ANSWER SECTION (3 records) CRT2014-2024REVIEW.GOV. 43200 IN SOA ( ns1.bpa.GOV. hostmaster.bpa.GOV. 2018092102 ;serial 43200 ;refresh 3600 ;retry 1209600 ;expire 3600 ;minimum ) CRT2014-2024REVIEW.GOV. 43200 IN RRSIG ( SOA 8 2 43200 20181223044233 20181216044233 24823 crt2014-2024review.gov. a/0EiRDqPd9RXy3bNYMPkvL3jGKuDD8FgLi2qTKHaELa1eAl7QECjnGVpGdFLavasislaCi6Sk52 f7z3lWO8J/sKRujRksN6mCb7NIms9nw05ei+sHUmgacZGM28027lLMthz+xDEuj3kABjPWUVWdt4 i9xaqfiREviwPBvzCNOWoSlPqfYSM6Cv9iaxTn+x6dxiffNCHw6XsBbYBRCiFtZshBjkAlfQJN5y vhj7f43gnNGmMR2ec6HaCPPmhoSWKYHij6UiNIqtapn/6lko4ebSyRIxsBY2m6f0sKutrxsvLdnk KzN7KGoLH5OB4skw3CMWuiE8WEHkJ4fOEN0+zw== ) CRT2014-2024REVIEW.GOV. 43200 IN RRSIG ( SOA 8 2 43200 20181223044233 20181216044233 60831 crt2014-2024review.gov. gTQm9twvXabLaNplcYRrhdnbgxT9L5UVJEBjKbJUp1YeTAdq01YcZ23hQviBuvfvlGs2fakWAWOH VwBSnBfb8/1AHGfmYWQP5e5nLX3agcI5OmvU8BW7KR0VmAdR8KfNcuokD1PGyloHOfDqxaRG44hR YUiG4xJL8sCdOZzEeohaZCVDgVJL8cRqLkuRfHDcIONihw/nKLLnkmnPyqyMw4xvLevOF1b0mNxw +DaN3npBMbRsbpLTQWmdXjJM5x0rju99uW/rQ6BUKudexicFDf1b9cT15nbFjrV7wcEcBG/gogHM Koufda2M8Jv+kaaYS5ovY3nJrbA3o2kp9mAOZA== ) ;; AUTHORITY SECTION (4 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20181221173249 20181214173249 24823 crt2014-2024review.gov. xk9GBXN8rAKQCZJrlMpF4j6n8QB9iI1CxKZZILsLHBZVhD13svwwoTlQmq5oeOHQ8WiA/gsjGLwQ P844jF0vnE8HuOk+pQo3FLcVSww9VDuCgz81T934RgMy7shFBtC2ClKNPLp9WfvOE+kkLHIEYTp2 CmkmGntZARyJnyxEjJrAZhFe+rFbd7FTDmRXwF6JomMtz/61nFGv1u1JPMT6A92WsNVfVKmeHaZ5 /9Hg5Mpk4OSe8j7M3r0janANL1QQ1iLrxsoBoapjhT+S6mVq8hbYeo1WizE3B7xPVZ8ZJ0lGleFz ONgvDlaVBBpGrVmnhv2PHSJ52wlhIrrl+iSftw== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20181222171036 20181215171036 60831 crt2014-2024review.gov. jyxMPIQMdSAvWITwDdnDBVIPHW0RlJG3IO0KcP5ohr6B8Rlo4hnko55QHXPuutdbsmwFtfYZW3+5 DeW0VhOEDZxoIAFQnXUo97lJLiDNR7TmgATHlKkHzSa+NCarzInw7axVHSwqDKBpz87Wrh9pw6iD IrN2uS0PBU48FY5UAzz4vuNwLF4r+IOFzk81de/RmhbG5EGKkTgC5JjKaFlbFzvy4vkhNWIuZj43 cFRGBZZYEk3kUmD+QfBBatWMNS/HioI21dxpr2gN7nSHb8G9WRxsWVfV4fjVHUtdz8Mjf2emVZ17 QaM12lDNoLEuSqG5+1IgDXEDsN8Zmcp+z6Qw5w== ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to ns2.bpa.GOV for CRT2014-2024REVIEW.GOV/A
	Error querying ns2.bpa.GOV/2620:137:401b:10db:0:0:0:10 for CRT2014-2024REVIEW.GOV/A: 'IPv6 transport disabled'
	Received 1347 bytes from 170.160.100.10
	;; Answer received from 170.160.100.10 (1347 bytes) ;; HEADER SECTION ;; id = 21851 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 1 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN A ;; ANSWER SECTION (3 records) CRT2014-2024REVIEW.GOV. 1800 IN A 170.160.42.18 CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20181221181056 20181214181056 24823 crt2014-2024review.gov. BxDbG5XNBw4lZzHDkt4IlEJh6dqSD3MlmokM+6EQUIXpn0VfNm+OMx7HQSOWMfRbt7BJw/U1zTlm peaXZGwDU54P7Av3uryy83hxEKgwNaAXv7xvyrd5pgkh+W/jwOafQ1djphC766WgL+ijEPk7HQR/ nIHmH1OPJ4W7rPosLSQGTOvhKWSMOhsUekCFJDvn9xHdf6TW4OhBLpM0BnwulherCE+1W5U8RY0o dBFpQP5pG+ayJKnkbEvDd2fvnkHmGtD8hExiYYKksinP10jfyWo67kipTEYssy6a9CXcClU42xCL HNpxyjt1E4H9OlVKxQrFn108jeqdeaIXb6+2XA== ) CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20181222174621 20181215174621 60831 crt2014-2024review.gov. boL8JtCxwjk3r19ONud+8nfcwNgqEP0s0W942UGT8/shPtl6DK3f5trV4eiaxGRI3t4L3lMHckPF 0NMWR094iwv/UftDckCNgW+gwrRH/twZaEkV0I9v0xLs3KsQppPjY2PeLD/ijfFzcwA12vrtQrKF qt6Wk5Glmt7fkdX1dhZot8BiJGMPr6wjLNj2IzGmpxhM9mrafurPssE7jCNEhSDKanipFJOqUSZH ocpSK2x9RirXRId3mJqiJ46aUEd+Hs0oTOH6Nl4xi1xuavvYFusjyA9aIcgpyfWGbPN3QyIzFa2I C2NSTCgmAVr63vR1hS6aZyu0ucNHuINKHxH8Rg== ) ;; AUTHORITY SECTION (4 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20181221173945 20181214173945 24823 crt2014-2024review.gov. GZkzF1O7zIHp5lwwrh69VI+3qNEaniOKCLQMCKH7LfY4IelM9eiGHwjB90UW90tOApnuUk5S5mK0 5LKM2RWa07puyDX1ePvjltqDK9dpURattAabX3r0POPijDF5rTR+rwk+P06ojCwv5tpROhqZKgk7 moVt+3OHD+TYWH+lUKz1jQduTacz13Ugy6fjrPBG88pxGCt8xWupTdXYD2JFxMLvt9KoB5NXFSFx WDdAYzVrQdM5w7LPlbaLQb39EDpaWbM5tEqteZJXepE9issCbh362FmdY53hBwJqhduGKP7LPZHd 1LSdCDc3p6bV2KFE1w6qPhUHJvneOerAHbQJyg== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20181222174621 20181215174621 60831 crt2014-2024review.gov. nsd8vXMXv8E/DlvSOGumgkAW5P4Xy83cJqaSWl7sbJv5+kd+WwBrBu+uCwIjUk1pkh0yWgvrHy8l P+/B0GwOhWcXMKc94xgBEbrD/jnzpirdKCe+Ekb+erzNwmTSMM+DYJC7BUd5EUe7O0UT/qGzSLwh f1wwb6I9tSkho1/gnBed3VTHHNp3DxfFAfJ2JQzFH8UrJlm83gcTmIEA1+TutPkRInlmX8ZAPWc9 E9FsL3mPz13cErvaz5kQrYUA6L5inhyPu2cz7tNs++l14Up0KQ4fQQxqRdIPga6PLelhFuaN8sn2 cj34KsUM4j4qAuUnfhwrnhxCSFcQvc7QofljTQ== ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	CRT2014-2024REVIEW.GOV A RR has value 170.160.42.18
	Found 2 RRSIGs over A RRset
	`CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20181221181056 20181214181056 24823 crt2014-2024review.gov. BxDbG5XNBw4lZzHDkt4IlEJh6dqSD3MlmokM+6EQUIXpn0VfNm+OMx7HQSOWMfRbt7BJw/U1zTlm peaXZGwDU54P7Av3uryy83hxEKgwNaAXv7xvyrd5pgkh+W/jwOafQ1djphC766WgL+ijEPk7HQR/ nIHmH1OPJ4W7rPosLSQGTOvhKWSMOhsUekCFJDvn9xHdf6TW4OhBLpM0BnwulherCE+1W5U8RY0o dBFpQP5pG+ayJKnkbEvDd2fvnkHmGtD8hExiYYKksinP10jfyWo67kipTEYssy6a9CXcClU42xCL HNpxyjt1E4H9OlVKxQrFn108jeqdeaIXb6+2XA== )`
	`CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20181222174621 20181215174621 60831 crt2014-2024review.gov. boL8JtCxwjk3r19ONud+8nfcwNgqEP0s0W942UGT8/shPtl6DK3f5trV4eiaxGRI3t4L3lMHckPF 0NMWR094iwv/UftDckCNgW+gwrRH/twZaEkV0I9v0xLs3KsQppPjY2PeLD/ijfFzcwA12vrtQrKF qt6Wk5Glmt7fkdX1dhZot8BiJGMPr6wjLNj2IzGmpxhM9mrafurPssE7jCNEhSDKanipFJOqUSZH ocpSK2x9RirXRId3mJqiJ46aUEd+Hs0oTOH6Nl4xi1xuavvYFusjyA9aIcgpyfWGbPN3QyIzFa2I C2NSTCgmAVr63vR1hS6aZyu0ucNHuINKHxH8Rg== )`
	RRSIG=24823 and DNSKEY=24823 verifies the A RRset
	RRSIG=60831 and DNSKEY=60831 verifies the A RRset

Move your mouse over any or symbols for remediation hints.

Want a second opinion? Test CRT2014-2024REVIEW.GOV at dnsviz.net.

DNSSEC Analyzer

↓ Advanced options ↑ Advanced options

Trust Anchor:
Name Servers: