| Zone (*) | DNSSEC - Informations |
|---|
|
|
Zone: (root)
|
|
(root)
| 1 DS RR published
|
|
|
|
|
| • Status: Valid because published
|
|
|
|
|
| 3 DNSKEY RR found
|
|
|
|
|
| Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)
|
|
|
|
|
| Public Key with Algorithm 8, KeyTag 22545, Flags 256
|
|
|
|
|
| Public Key with Algorithm 8, KeyTag 33853, Flags 256
|
|
|
|
|
| 1 RRSIG RR to validate DNSKEY RR found
|
|
|
|
|
| RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 10.01.2020, 00:00:00 +, Signature-Inception: 20.12.2019, 00:00:00 +, KeyTag 20326, Signer-Name: (root)
|
|
|
|
|
| • Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet
|
|
|
|
|
| • Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
|
|
|
Zone: social
|
|
social
| 2 DS RR in the parent zone found
|
|
|
|
|
| 1 RRSIG RR to validate DS RR found
|
|
|
|
|
| RRSIG-Owner social., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 13.01.2020, 17:00:00 +, Signature-Inception: 31.12.2019, 16:00:00 +, KeyTag 22545, Signer-Name: (root)
|
|
|
|
|
| • Status: Good - Algorithmus 8 and DNSKEY with KeyTag 22545 used to validate the DS RRSet in the parent zone
|
|
|
|
|
| 2 DNSKEY RR found
|
|
|
|
|
| Public Key with Algorithm 8, KeyTag 32212, Flags 257 (SEP = Secure Entry Point)
|
|
|
|
|
| Public Key with Algorithm 8, KeyTag 33873, Flags 256
|
|
|
|
|
| 2 RRSIG RR to validate DNSKEY RR found
|
|
|
|
|
| RRSIG-Owner social., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 29.01.2020, 11:41:10 +, Signature-Inception: 30.12.2019, 10:54:02 +, KeyTag 32212, Signer-Name: social
|
|
|
|
|
| RRSIG-Owner social., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 29.01.2020, 11:41:10 +, Signature-Inception: 30.12.2019, 10:54:02 +, KeyTag 33873, Signer-Name: social
|
|
|
|
|
| • Status: Good - Algorithmus 8 and DNSKEY with KeyTag 32212 used to validate the DNSKEY RRSet
|
|
|
|
|
| • Status: Good - Algorithmus 8 and DNSKEY with KeyTag 33873 used to validate the DNSKEY RRSet
|
|
|
|
|
| • Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 32212, DigestType 1 and Digest "ugCI2ts45fIF7KTHHcz5dsLaz6s=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
|
|
|
|
|
| • Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 32212, DigestType 2 and Digest "H/hJK/Dd/jwDXG4hz39TEQtBTyPwbfPQbIfGerXTOF8=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
|
|
|
Zone: nsfw.social
|
|
nsfw.social
| 1 DS RR in the parent zone found
|
|
|
|
|
| 1 RRSIG RR to validate DS RR found
|
|
|
|
|
| RRSIG-Owner nsfw.social., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 28.01.2020, 08:03:39 +, Signature-Inception: 29.12.2019, 07:23:18 +, KeyTag 33873, Signer-Name: social
|
|
|
|
|
| • Status: Good - Algorithmus 8 and DNSKEY with KeyTag 33873 used to validate the DS RRSet in the parent zone
|
|
|
|
|
| 2 DNSKEY RR found
|
|
|
|
|
| Public Key with Algorithm 13, KeyTag 2371, Flags 257 (SEP = Secure Entry Point)
|
|
|
|
|
| Public Key with Algorithm 13, KeyTag 34505, Flags 256
|
|
|
|
|
| 1 RRSIG RR to validate DNSKEY RR found
|
|
|
|
|
| RRSIG-Owner nsfw.social., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 19.01.2020, 23:08:52 +, Signature-Inception: 20.11.2019, 23:08:52 +, KeyTag 2371, Signer-Name: nsfw.social
|
|
|
|
|
| • Status: Good - Algorithmus 13 and DNSKEY with KeyTag 2371 used to validate the DNSKEY RRSet
|
|
|
|
|
| • Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 2371, DigestType 2 and Digest "CH9eey1bf0lWNUHn8FVFFC1SAsfn38Nu8IUwmtRSNVk=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
|
|
|
|
|
| RRSIG Type 1 validates the A - Result: 104.27.188.212
104.27.189.212
Validated: RRSIG-Owner nsfw.social., Algorithm: 13, 2 Labels, original TTL: 300 sec, Signature-expiration: 02.01.2020, 01:40:13 +, Signature-Inception: 30.12.2019, 23:40:13 +, KeyTag 34505, Signer-Name: nsfw.social
|
|
|
|
|
| RRSIG Type 16 validates the TXT - Result: v=spf1 mx -all
ca3-c603de9d89a94ecd8cbd78c2e5bb4429
brave-ledger-verification=b5ab376fe9a528b71ce2ea51c2f3263598b5178a3df53d57074e04612b877d76
Validated: RRSIG-Owner nsfw.social., Algorithm: 13, 2 Labels, original TTL: 300 sec, Signature-expiration: 02.01.2020, 01:40:13 +, Signature-Inception: 30.12.2019, 23:40:13 +, KeyTag 34505, Signer-Name: nsfw.social
|
|
|
|
|
| RRSIG Type 28 validates the AAAA - Result: 2606:4700:0030:0000:0000:0000:681B:BCD4
2606:4700:0030:0000:0000:0000:681B:BDD4
Validated: RRSIG-Owner nsfw.social., Algorithm: 13, 2 Labels, original TTL: 300 sec, Signature-expiration: 02.01.2020, 01:40:13 +, Signature-Inception: 30.12.2019, 23:40:13 +, KeyTag 34505, Signer-Name: nsfw.social
|
|
|
|
|
| RRSIG Type 257 validates the CAA - Result: 5|issuecomodoca.com
5|issuedigicert.com
5|issuedigicert.com; cansignhttpexchanges=yes
5|issueletsencrypt.org
9|issuewildcomodoca.com
9|issuewilddigicert.com
9|issuewilddigicert.com; cansignhttpexchanges=yes
9|issuewildletsencrypt.org
Validated: RRSIG-Owner nsfw.social., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 02.01.2020, 01:40:13 +, Signature-Inception: 30.12.2019, 23:40:13 +, KeyTag 34505, Signer-Name: nsfw.social
|
|
|
|
|
| RRSIG Type 47, expiration 2020-01-02 01:40:13 + validates the NSEC RR that proves the not-existence of the CNAME RR. Owner nsfw.social, NextOwner: \000.nsfw.social.
Bitmap: A, NS, SOA, 13, MX, TXT, AAAA, LOC, SRV, CERT, SSHFP, RRSIG, NSEC, DNSKEY, TLSA, HIP, CDS, CDNSKEY, 61, 99, CAA
|
|
|
|
|
| RRSIG Type 47, expiration 2020-01-02 01:40:13 + validates the NSEC RR that proves the not-existence of the TLSA RR. Owner _443._tcp.nsfw.social, NextOwner: \000._443._tcp.nsfw.social.
Bitmap: RRSIG, NSEC
|
|
|
Zone: www.nsfw.social
|
|
www.nsfw.social
| 0 DS RR in the parent zone found
|
|
|
|
|
| DS-Query in the parent zone has a valid NSEC RR as result with the domain name between the NSEC-Owner "www.nsfw.social" and the NextOwner "\000.www.nsfw.social". So the parent zone confirmes the non-existence of a DS RR.
Bitmap: A, 13, MX, TXT, AAAA, LOC, SRV, CERT, SSHFP, RRSIG, NSEC, TLSA, HIP, 61, 99, CAA
|
|
|
|
|
| RRSIG Type 16 validates the TXT - Result: v=spf1 -all
Validated: RRSIG-Owner www.nsfw.social., Algorithm: 13, 3 Labels, original TTL: 300 sec, Signature-expiration: 02.01.2020, 01:40:14 +, Signature-Inception: 30.12.2019, 23:40:14 +, KeyTag 34505, Signer-Name: nsfw.social
|
|
|
|
|
| RRSIG Type 47, expiration 2020-01-02 01:40:14 + validates the NSEC RR that proves the not-existence of the A RR. Owner www.nsfw.social, NextOwner: \000.www.nsfw.social.
Bitmap: 13, MX, TXT, AAAA, LOC, SRV, CERT, SSHFP, RRSIG, NSEC, TLSA, HIP, 61, 99, CAA
|
|
|
|
|
| RRSIG Type 47, expiration 2020-01-02 01:40:14 + validates the NSEC RR that proves the not-existence of the CNAME RR. Owner www.nsfw.social, NextOwner: \000.www.nsfw.social.
Bitmap: A, 13, MX, TXT, AAAA, LOC, SRV, CERT, SSHFP, RRSIG, NSEC, TLSA, HIP, 61, 99, CAA
|
|
|
|
|
| RRSIG Type 47, expiration 2020-01-02 01:40:14 + validates the NSEC RR that proves the not-existence of the AAAA RR. Owner www.nsfw.social, NextOwner: \000.www.nsfw.social.
Bitmap: A, 13, MX, TXT, LOC, SRV, CERT, SSHFP, RRSIG, NSEC, TLSA, HIP, 61, 99, CAA
|
|
|
|
|
| RRSIG Type 47, expiration 2020-01-02 01:40:14 + validates the NSEC RR that proves the not-existence of the TLSA RR. Owner _443._tcp.www.nsfw.social, NextOwner: \000._443._tcp.www.nsfw.social.
Bitmap: RRSIG, NSEC
|
|
|
|
|
| RRSIG Type 47, expiration 2020-01-02 01:40:14 + validates the NSEC RR that proves the not-existence of the CAA RR. Owner www.nsfw.social, NextOwner: \000.www.nsfw.social.
Bitmap: A, 13, MX, TXT, AAAA, LOC, SRV, CERT, SSHFP, RRSIG, NSEC, TLSA, HIP, 61, 99
|
%22%20style=%22background-color:rgb(255,255,255)%22%3e%3c/svg%3e)