Back to Verisign Labs Tools
Domain Name: Detail: more(+) / less(-) Time: 2023-10-02 22:21:37 UTC, NTP stratum 4

Analyzing DNSSEC problems for capitolgiftshop.gov

.
Found 3 DNSKEY records for .
DS=20326/SHA-256 verifies DNSKEY=20326/SEP
Found 1 RRSIGs over DNSKEY RRset
RRSIG=20326 and DNSKEY=20326/SEP verifies the DNSKEY RRset
gov
Found 2 DS records for gov in the . zone
DS=7698/SHA-256 has algorithm RSASHA256
DS=64280/SHA-256 has algorithm RSASHA256
Found 1 RRSIGs over DS RRset
RRSIG=46780 and DNSKEY=46780 verifies the DS RRset
Found 4 DNSKEY records for gov
DS=64280/SHA-256 verifies DNSKEY=64280/SEP
DS=7698/SHA-256 verifies DNSKEY=7698/SEP
Found 1 RRSIGs over DNSKEY RRset
RRSIG=7698 and DNSKEY=7698/SEP verifies the DNSKEY RRset
capitolgiftshop.gov
Found 2 DS records for capitolgiftshop.gov in the gov zone
DS=62962/SHA-1 has algorithm RSASHA256
DS=62962/SHA-256 has algorithm RSASHA256
Found 1 RRSIGs over DS RRset
RRSIG=40921 and DNSKEY=40921 verifies the DS RRset
Found 5 DNSKEY records for capitolgiftshop.gov
DS=62962/SHA-1 verifies DNSKEY=62962/SEP
Found 3 RRSIGs over DNSKEY RRset
RRSIG=6313 and DNSKEY=6313 verifies the DNSKEY RRset
ns2.aoc.gov is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset
capitolgiftshop.gov
ns2.comcastbusiness.net is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset
capitolgiftshop.gov
ns1.aoc.gov is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset
capitolgiftshop.gov
authns1.centurylink.net is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset
capitolgiftshop.gov
authns2.centurylink.net is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset
capitolgiftshop.gov
ns3.comcastbusiness.net is authoritative for capitolgiftshop.gov
Found 1 RRSIGs over NSEC RRset
RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
NSEC proves no records of type A exist for capitolgiftshop.gov
Found 1 RRSIGs over SOA RRset
RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset

Move your mouse over any or symbols for remediation hints.

Want a second opinion? Test capitolgiftshop.gov at dnsviz.net.

DNSSEC Analyzer

↓ Advanced options