Back to Verisign Labs Tools
Domain Name: Detail: more(+) / less(-) Time: 2018-12-12 05:52:40 UTC, NTP stratum 4

Analyzing DNSSEC problems for IAD.GOV

.
Found 3 DNSKEY records for .
DS=19036/SHA-256 verifies DNSKEY=19036/SEP
DS=20326/SHA-256 verifies DNSKEY=20326/SEP
Found 1 RRSIGs over DNSKEY RRset
RRSIG=20326 and DNSKEY=20326/SEP verifies the DNSKEY RRset
GOV
Found 2 DS records for GOV in the . zone
DS=7698/SHA-1 has algorithm RSASHA256
DS=7698/SHA-256 has algorithm RSASHA256
Found 1 RRSIGs over DS RRset
RRSIG=2134 and DNSKEY=2134 verifies the DS RRset
Found 2 DNSKEY records for GOV
DS=7698/SHA-1 verifies DNSKEY=7698/SEP
Found 1 RRSIGs over DNSKEY RRset
RRSIG=7698 and DNSKEY=7698/SEP verifies the DNSKEY RRset
IAD.GOV
Found 4 DS records for IAD.GOV in the GOV zone
DS=8800/SHA-1 has algorithm RSASHA256
DS=8800/SHA-256 has algorithm RSASHA256
DS=27866/SHA-1 has algorithm RSASHA256
DS=27866/SHA-256 has algorithm RSASHA256
Found 1 RRSIGs over DS RRset
RRSIG=40499 and DNSKEY=40499 verifies the DS RRset
Found 4 DNSKEY records for IAD.GOV
DS=8800/SHA-1 verifies DNSKEY=8800/SEP
DS=27866/SHA-1 verifies DNSKEY=27866/SEP
Found 2 RRSIGs over DNSKEY RRset
RRSIG=8800 and DNSKEY=8800/SEP verifies the DNSKEY RRset
IAD.GOV A RR has value 8.44.96.42
Found 1 RRSIGs over A RRset
RRSIG=46698 and DNSKEY=46698 verifies the A RRset

Move your mouse over any or symbols for remediation hints.

Want a second opinion? Test IAD.GOV at dnsviz.net.

DNSSEC Analyzer

↓ Advanced options