Back to Verisign Labs Tools
Domain Name: Detail: more(+) / less(-) Time: 2022-08-12 12:54:21 UTC, NTP stratum 16

Analyzing DNSSEC problems for capitolgiftshop.gov

.
Found 2 DNSKEY records for .
DS=20326/SHA-256 verifies DNSKEY=20326/SEP
Found 1 RRSIGs over DNSKEY RRset
RRSIG=20326 and DNSKEY=20326/SEP verifies the DNSKEY RRset
gov
Found 1 DS records for gov in the . zone
DS=7698/SHA-256 has algorithm RSASHA256
Found 1 RRSIGs over DS RRset
RRSIG=20826 and DNSKEY=20826 verifies the DS RRset
Found 2 DNSKEY records for gov
DS=7698/SHA-256 verifies DNSKEY=7698/SEP
Found 1 RRSIGs over DNSKEY RRset
RRSIG=7698 and DNSKEY=7698/SEP verifies the DNSKEY RRset
capitolgiftshop.gov
Found 2 DS records for capitolgiftshop.gov in the gov zone
DS=62962/SHA-1 has algorithm RSASHA256
DS=62962/SHA-256 has algorithm RSASHA256
Found 1 RRSIGs over DS RRset
RRSIG=261 and DNSKEY=261 verifies the DS RRset
Found 4 DNSKEY records for capitolgiftshop.gov
DS=62962/SHA-1 verifies DNSKEY=62962/SEP
Found 2 RRSIGs over DNSKEY RRset
RRSIG=29283 and DNSKEY=29283 verifies the DNSKEY RRset
ns2.comcastbusiness.net is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=29283 and DNSKEY=29283 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=29283 and DNSKEY=29283 verifies the SOA RRset
capitolgiftshop.gov
ns3.comcastbusiness.net is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=29283 and DNSKEY=29283 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=29283 and DNSKEY=29283 verifies the SOA RRset
capitolgiftshop.gov
authns2.centurylink.net is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=29283 and DNSKEY=29283 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=29283 and DNSKEY=29283 verifies the SOA RRset
capitolgiftshop.gov
ns2.aoc.gov is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=29283 and DNSKEY=29283 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=29283 and DNSKEY=29283 verifies the SOA RRset
capitolgiftshop.gov
ns1.aoc.gov is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=29283 and DNSKEY=29283 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=29283 and DNSKEY=29283 verifies the SOA RRset
capitolgiftshop.gov
authns1.centurylink.net is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=29283 and DNSKEY=29283 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=29283 and DNSKEY=29283 verifies the SOA RRset

Move your mouse over any or symbols for remediation hints.

Want a second opinion? Test capitolgiftshop.gov at dnsviz.net.

DNSSEC Analyzer

↓ Advanced options