aboutsummaryrefslogtreecommitdiff
path: root/plugin/file/dnssec_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'plugin/file/dnssec_test.go')
-rw-r--r--plugin/file/dnssec_test.go358
1 files changed, 358 insertions, 0 deletions
diff --git a/plugin/file/dnssec_test.go b/plugin/file/dnssec_test.go
new file mode 100644
index 000000000..17b122c7e
--- /dev/null
+++ b/plugin/file/dnssec_test.go
@@ -0,0 +1,358 @@
+package file
+
+import (
+ "strings"
+ "testing"
+
+ "github.com/coredns/coredns/plugin/pkg/dnsrecorder"
+ "github.com/coredns/coredns/plugin/test"
+
+ "github.com/miekg/dns"
+ "golang.org/x/net/context"
+)
+
+var dnssecTestCases = []test.Case{
+ {
+ Qname: "miek.nl.", Qtype: dns.TypeSOA, Do: true,
+ Answer: []dns.RR{
+ test.RRSIG("miek.nl. 1800 IN RRSIG SOA 8 2 1800 20160426031301 20160327031301 12051 miek.nl. FIrzy07acBbtyQczy1dc="),
+ test.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"),
+ },
+ Ns: auth,
+ Extra: []dns.RR{test.OPT(4096, true)},
+ },
+ {
+ Qname: "miek.nl.", Qtype: dns.TypeAAAA, Do: true,
+ Answer: []dns.RR{
+ test.AAAA("miek.nl. 1800 IN AAAA 2a01:7e00::f03c:91ff:fef1:6735"),
+ test.RRSIG("miek.nl. 1800 IN RRSIG AAAA 8 2 1800 20160426031301 20160327031301 12051 miek.nl. SsRT="),
+ },
+ Ns: auth,
+ Extra: []dns.RR{test.OPT(4096, true)},
+ },
+ {
+ Qname: "miek.nl.", Qtype: dns.TypeNS, Do: true,
+ Answer: []dns.RR{
+ test.NS("miek.nl. 1800 IN NS ext.ns.whyscream.net."),
+ test.NS("miek.nl. 1800 IN NS linode.atoom.net."),
+ test.NS("miek.nl. 1800 IN NS ns-ext.nlnetlabs.nl."),
+ test.NS("miek.nl. 1800 IN NS omval.tednet.nl."),
+ test.RRSIG("miek.nl. 1800 IN RRSIG NS 8 2 1800 20160426031301 20160327031301 12051 miek.nl. ZLtsQhwaz+lHfNpztFoR1Vxs="),
+ },
+ Extra: []dns.RR{test.OPT(4096, true)},
+ },
+ {
+ Qname: "miek.nl.", Qtype: dns.TypeMX, Do: true,
+ Answer: []dns.RR{
+ test.MX("miek.nl. 1800 IN MX 1 aspmx.l.google.com."),
+ test.MX("miek.nl. 1800 IN MX 10 aspmx2.googlemail.com."),
+ test.MX("miek.nl. 1800 IN MX 10 aspmx3.googlemail.com."),
+ test.MX("miek.nl. 1800 IN MX 5 alt1.aspmx.l.google.com."),
+ test.MX("miek.nl. 1800 IN MX 5 alt2.aspmx.l.google.com."),
+ test.RRSIG("miek.nl. 1800 IN RRSIG MX 8 2 1800 20160426031301 20160327031301 12051 miek.nl. kLqG+iOr="),
+ },
+ Ns: auth,
+ Extra: []dns.RR{test.OPT(4096, true)},
+ },
+ {
+ Qname: "www.miek.nl.", Qtype: dns.TypeA, Do: true,
+ Answer: []dns.RR{
+ test.A("a.miek.nl. 1800 IN A 139.162.196.78"),
+ test.RRSIG("a.miek.nl. 1800 IN RRSIG A 8 3 1800 20160426031301 20160327031301 12051 miek.nl. lxLotCjWZ3kihTxk="),
+ test.CNAME("www.miek.nl. 1800 IN CNAME a.miek.nl."),
+ test.RRSIG("www.miek.nl. 1800 RRSIG CNAME 8 3 1800 20160426031301 20160327031301 12051 miek.nl. NVZmMJaypS+wDL2Lar4Zw1zF"),
+ },
+ Ns: auth,
+ Extra: []dns.RR{
+ test.OPT(4096, true),
+ },
+ },
+ {
+ // NoData
+ Qname: "a.miek.nl.", Qtype: dns.TypeSRV, Do: true,
+ Ns: []dns.RR{
+ test.NSEC("a.miek.nl. 14400 IN NSEC archive.miek.nl. A AAAA RRSIG NSEC"),
+ test.RRSIG("a.miek.nl. 14400 IN RRSIG NSEC 8 3 14400 20160426031301 20160327031301 12051 miek.nl. GqnF6cutipmSHEao="),
+ test.RRSIG("miek.nl. 1800 IN RRSIG SOA 8 2 1800 20160426031301 20160327031301 12051 miek.nl. FIrzy07acBbtyQczy1dc="),
+ test.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"),
+ },
+ Extra: []dns.RR{test.OPT(4096, true)},
+ },
+ {
+ Qname: "b.miek.nl.", Qtype: dns.TypeA, Do: true,
+ Rcode: dns.RcodeNameError,
+ Ns: []dns.RR{
+ test.NSEC("archive.miek.nl. 14400 IN NSEC go.dns.miek.nl. CNAME RRSIG NSEC"),
+ test.RRSIG("archive.miek.nl. 14400 IN RRSIG NSEC 8 3 14400 20160426031301 20160327031301 12051 miek.nl. jEpx8lcp4do5fWXg="),
+ test.NSEC("miek.nl. 14400 IN NSEC a.miek.nl. A NS SOA MX AAAA RRSIG NSEC DNSKEY"),
+ test.RRSIG("miek.nl. 14400 IN RRSIG NSEC 8 2 14400 20160426031301 20160327031301 12051 miek.nl. mFfc3r/9PSC1H6oSpdC"),
+ test.RRSIG("miek.nl. 1800 IN RRSIG SOA 8 2 1800 20160426031301 20160327031301 12051 miek.nl. FIrzy07acBbtyQczy1dc="),
+ test.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"),
+ },
+ Extra: []dns.RR{test.OPT(4096, true)},
+ },
+ {
+ Qname: "b.blaat.miek.nl.", Qtype: dns.TypeA, Do: true,
+ Rcode: dns.RcodeNameError,
+ Ns: []dns.RR{
+ test.NSEC("archive.miek.nl. 14400 IN NSEC go.dns.miek.nl. CNAME RRSIG NSEC"),
+ test.RRSIG("archive.miek.nl. 14400 IN RRSIG NSEC 8 3 14400 20160426031301 20160327031301 12051 miek.nl. jEpx8lcp4do5fWXg="),
+ test.NSEC("miek.nl. 14400 IN NSEC a.miek.nl. A NS SOA MX AAAA RRSIG NSEC DNSKEY"),
+ test.RRSIG("miek.nl. 14400 IN RRSIG NSEC 8 2 14400 20160426031301 20160327031301 12051 miek.nl. mFfc3r/9PSC1H6oSpdC"),
+ test.RRSIG("miek.nl. 1800 IN RRSIG SOA 8 2 1800 20160426031301 20160327031301 12051 miek.nl. FIrzy07acBbtyQczy1dc="),
+ test.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"),
+ },
+ Extra: []dns.RR{test.OPT(4096, true)},
+ },
+ {
+ Qname: "b.a.miek.nl.", Qtype: dns.TypeA, Do: true,
+ Rcode: dns.RcodeNameError,
+ Ns: []dns.RR{
+ // dedupped NSEC, because 1 nsec tells all
+ test.NSEC("a.miek.nl. 14400 IN NSEC archive.miek.nl. A AAAA RRSIG NSEC"),
+ test.RRSIG("a.miek.nl. 14400 IN RRSIG NSEC 8 3 14400 20160426031301 20160327031301 12051 miek.nl. GqnF6cut/RRGPQ1QGQE1ipmSHEao="),
+ test.RRSIG("miek.nl. 1800 IN RRSIG SOA 8 2 1800 20160426031301 20160327031301 12051 miek.nl. FIrzy07acBbtyQczy1dc="),
+ test.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"),
+ },
+ Extra: []dns.RR{test.OPT(4096, true)},
+ },
+}
+
+var auth = []dns.RR{
+ test.NS("miek.nl. 1800 IN NS ext.ns.whyscream.net."),
+ test.NS("miek.nl. 1800 IN NS linode.atoom.net."),
+ test.NS("miek.nl. 1800 IN NS ns-ext.nlnetlabs.nl."),
+ test.NS("miek.nl. 1800 IN NS omval.tednet.nl."),
+ test.RRSIG("miek.nl. 1800 IN RRSIG NS 8 2 1800 20160426031301 20160327031301 12051 miek.nl. ZLtsQhwazbqSpztFoR1Vxs="),
+}
+
+func TestLookupDNSSEC(t *testing.T) {
+ zone, err := Parse(strings.NewReader(dbMiekNLSigned), testzone, "stdin", 0)
+ if err != nil {
+ t.Fatalf("Expected no error when reading zone, got %q", err)
+ }
+
+ fm := File{Next: test.ErrorHandler(), Zones: Zones{Z: map[string]*Zone{testzone: zone}, Names: []string{testzone}}}
+ ctx := context.TODO()
+
+ for _, tc := range dnssecTestCases {
+ m := tc.Msg()
+
+ rec := dnsrecorder.New(&test.ResponseWriter{})
+ _, err := fm.ServeDNS(ctx, rec, m)
+ if err != nil {
+ t.Errorf("Expected no error, got %v\n", err)
+ return
+ }
+
+ resp := rec.Msg
+ test.SortAndCheck(t, resp, tc)
+ }
+}
+
+func BenchmarkFileLookupDNSSEC(b *testing.B) {
+ zone, err := Parse(strings.NewReader(dbMiekNLSigned), testzone, "stdin", 0)
+ if err != nil {
+ return
+ }
+
+ fm := File{Next: test.ErrorHandler(), Zones: Zones{Z: map[string]*Zone{testzone: zone}, Names: []string{testzone}}}
+ ctx := context.TODO()
+ rec := dnsrecorder.New(&test.ResponseWriter{})
+
+ tc := test.Case{
+ Qname: "b.miek.nl.", Qtype: dns.TypeA, Do: true,
+ Rcode: dns.RcodeNameError,
+ Ns: []dns.RR{
+ test.NSEC("archive.miek.nl. 14400 IN NSEC go.dns.miek.nl. CNAME RRSIG NSEC"),
+ test.RRSIG("archive.miek.nl. 14400 IN RRSIG NSEC 8 3 14400 20160426031301 20160327031301 12051 miek.nl. jEpx8lcp4do5fWXg="),
+ test.NSEC("miek.nl. 14400 IN NSEC a.miek.nl. A NS SOA MX AAAA RRSIG NSEC DNSKEY"),
+ test.RRSIG("miek.nl. 14400 IN RRSIG NSEC 8 2 14400 20160426031301 20160327031301 12051 miek.nl. mFfc3r/9PSC1H6oSpdC"),
+ test.RRSIG("miek.nl. 1800 IN RRSIG SOA 8 2 1800 20160426031301 20160327031301 12051 miek.nl. FIrzy07acBbtyQczy1dc="),
+ test.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"),
+ },
+ }
+
+ m := tc.Msg()
+
+ b.ResetTimer()
+
+ for i := 0; i < b.N; i++ {
+ fm.ServeDNS(ctx, rec, m)
+ }
+}
+
+const dbMiekNLSigned = `
+; File written on Sun Mar 27 04:13:01 2016
+; dnssec_signzone version 9.10.3-P4-Ubuntu
+miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. (
+ 1459051981 ; serial
+ 14400 ; refresh (4 hours)
+ 3600 ; retry (1 hour)
+ 604800 ; expire (1 week)
+ 14400 ; minimum (4 hours)
+ )
+ 1800 RRSIG SOA 8 2 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ FIrzy07acBzrf6kNW13Ypmq/ahojoMqOj0qJ
+ ixTevTvwOEcVuw9GlJoYIHTYg+hm1sZHtx9K
+ RiVmYsm8SHKsJA1WzixtT4K7vQvM+T+qbeOJ
+ xA6YTivKUcGRWRXQlOTUAlHS/KqBEfmxKgRS
+ 68G4oOEClFDSJKh7RbtyQczy1dc= )
+ 1800 NS ext.ns.whyscream.net.
+ 1800 NS omval.tednet.nl.
+ 1800 NS linode.atoom.net.
+ 1800 NS ns-ext.nlnetlabs.nl.
+ 1800 RRSIG NS 8 2 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ ZLtsQhwaz+CwrgzgFiEAqbqS/JH65MYjziA3
+ 6EXwlGDy41lcfGm71PpxA7cDzFhWNkJNk4QF
+ q48wtpP4IGPPpHbnJHKDUXj6se7S+ylAGbS+
+ VgVJ4YaVcE6xA9ZVhVpz8CSSjeH34vmqq9xj
+ zmFjofuDvraZflHfNpztFoR1Vxs= )
+ 1800 A 139.162.196.78
+ 1800 RRSIG A 8 2 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ hl+6Q075tsCkxIqbop8zZ6U8rlFvooz7Izzx
+ MgCZYVLcg75El28EXKIhBfRb1dPaKbd+v+AD
+ wrJMHL131pY5sU2Ly05K+7CqmmyaXgDaVsKS
+ rSw/TbhGDIItBemeseeuXGAKAbY2+gE7kNN9
+ mZoQ9hRB3SrxE2jhctv66DzYYQQ= )
+ 1800 MX 1 aspmx.l.google.com.
+ 1800 MX 5 alt1.aspmx.l.google.com.
+ 1800 MX 5 alt2.aspmx.l.google.com.
+ 1800 MX 10 aspmx2.googlemail.com.
+ 1800 MX 10 aspmx3.googlemail.com.
+ 1800 RRSIG MX 8 2 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ kLqG+iOrKSzms1H9Et9me8Zts1rbyeCFSVQD
+ G9is/u6ec3Lqg2vwJddf/yRsjVpVgadWSAkc
+ GSDuD2dK8oBeP24axWc3Z1OY2gdMI7w+PKWT
+ Z+pjHVjbjM47Ii/a6jk5SYeOwpGMsdEwhtTP
+ vk2O2WGljifqV3uE7GshF5WNR10= )
+ 1800 AAAA 2a01:7e00::f03c:91ff:fef1:6735
+ 1800 RRSIG AAAA 8 2 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ SsRTHytW4YTAuHovHQgfIMhNwMtMp4gaAU/Z
+ lgTO+IkBb9y9F8uHrf25gG6RqA1bnGV/gezV
+ NU5negXm50bf1BNcyn3aCwEbA0rCGYIL+nLJ
+ szlBVbBu6me/Ym9bbJlfgfHRDfsVy2ZkNL+B
+ jfNQtGCSDoJwshjcqJlfIVSardo= )
+ 14400 NSEC a.miek.nl. A NS SOA MX AAAA RRSIG NSEC DNSKEY
+ 14400 RRSIG NSEC 8 2 14400 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ mFfc3r/9PSC1H6oSpdC+FDy/Iu02W2Tf0x+b
+ n6Lpe1gCC1uvcSUrrmBNlyAWRr5Zm+ZXssEb
+ cKddRGiu/5sf0bUWrs4tqokL/HUl10X/sBxb
+ HfwNAeD7R7+CkpMv67li5AhsDgmQzpX2r3P6
+ /6oZyLvODGobysbmzeWM6ckE8IE= )
+ 1800 DNSKEY 256 3 8 (
+ AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6
+ E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5EC
+ IoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb
+ 2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXH
+ Py7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz
+ ) ; ZSK; alg = RSASHA256; key id = 12051
+ 1800 DNSKEY 257 3 8 (
+ AwEAAcWdjBl4W4wh/hPxMDcBytmNCvEngIgB
+ 9Ut3C2+QI0oVz78/WK9KPoQF7B74JQ/mjO4f
+ vIncBmPp6mFNxs9/WQX0IXf7oKviEVOXLjct
+ R4D1KQLX0wprvtUIsQFIGdXaO6suTT5eDbSd
+ 6tTwu5xIkGkDmQhhH8OQydoEuCwV245ZwF/8
+ AIsqBYDNQtQ6zhd6jDC+uZJXg/9LuPOxFHbi
+ MTjp6j3CCW0kHbfM/YHZErWWtjPj3U3Z7knQ
+ SIm5PO5FRKBEYDdr5UxWJ/1/20SrzI3iztvP
+ wHDsA2rdHm/4YRzq7CvG4N0t9ac/T0a0Sxba
+ /BUX2UVPWaIVBdTRBtgHi0s=
+ ) ; KSK; alg = RSASHA256; key id = 33694
+ 1800 RRSIG DNSKEY 8 2 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ o/D6o8+/bNGQyyRvwZ2hM0BJ+3HirvNjZoko
+ yGhGe9sPSrYU39WF3JVIQvNJFK6W3/iwlKir
+ TPOeYlN6QilnztFq1vpCxwj2kxJaIJhZecig
+ LsKxY/fOHwZlIbBLZZadQG6JoGRLHnImSzpf
+ xtyVaXQtfnJFC07HHt9np3kICfE= )
+ 1800 RRSIG DNSKEY 8 2 1800 (
+ 20160426031301 20160327031301 33694 miek.nl.
+ Ak/mbbQVQV+nUgw5Sw/c+TSoYqIwbLARzuNE
+ QJvJNoRR4tKVOY6qSxQv+j5S7vzyORZ+yeDp
+ NlEa1T9kxZVBMABoOtLX5kRqZncgijuH8fxb
+ L57Sv2IzINI9+DOcy9Q9p9ygtwYzQKrYoNi1
+ 0hwHi6emGkVG2gGghruMinwOJASGgQy487Yd
+ eIpcEKJRw73nxd2le/4/Vafy+mBpKWOczfYi
+ 5m9MSSxcK56NFYjPG7TvdIw0m70F/smY9KBP
+ pGWEdzRQDlqfZ4fpDaTAFGyRX0mPFzMbs1DD
+ 3hQ4LHUSi/NgQakdH9eF42EVEDeL4cI69K98
+ 6NNk6X9TRslO694HKw== )
+a.miek.nl. 1800 IN A 139.162.196.78
+ 1800 RRSIG A 8 3 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ lxLotCjWZ3kikNNcePu6HOCqMHDINKFRJRD8
+ laz2KQ9DKtgXPdnRw5RJvVITSj8GUVzw1ec1
+ CYVEKu/eMw/rc953Zns528QBypGPeMNLe2vu
+ C6a6UhZnGHA48dSd9EX33eSJs0MP9xsC9csv
+ LGdzYmv++eslkKxkhSOk2j/hTxk= )
+ 1800 AAAA 2a01:7e00::f03c:91ff:fef1:6735
+ 1800 RRSIG AAAA 8 3 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ ji3QMlaUzlK85ppB5Pc+y2WnfqOi6qrm6dm1
+ bXgsEov/5UV1Lmcv8+Y5NBbTbBlXGlWcpqNp
+ uWpf9z3lbguDWznpnasN2MM8t7yxo/Cr7WRf
+ QCzui7ewpWiA5hq7j0kVbM4nnDc6cO+U93hO
+ mMhVbeVI70HM2m0HaHkziEyzVZk= )
+ 14400 NSEC archive.miek.nl. A AAAA RRSIG NSEC
+ 14400 RRSIG NSEC 8 3 14400 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ GqnF6cut/KCxbnJj27MCjjVGkjObV0hLhHOP
+ E1/GXAUTEKG6BWxJq8hidS3p/yrOmP5PEL9T
+ 4FjBp0/REdVmGpuLaiHyMselES82p/uMMdY5
+ QqRM6LHhZdO1zsRbyzOZbm5MsW6GR7K2kHlX
+ 9TdBIULiRRGPQ1QGQE1ipmSHEao= )
+archive.miek.nl. 1800 IN CNAME a.miek.nl.
+ 1800 RRSIG CNAME 8 3 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ s4zVJiDrVuUiUFr8CNQLuXYYfpqpl8rovL50
+ BYsub/xK756NENiOTAOjYH6KYg7RSzsygJjV
+ YQwXolZly2/KXAr48SCtxzkGFxLexxiKcFaj
+ vm7ZDl7Btoa5l68qmBcxOX5E/W0IKITi4PNK
+ mhBs7dlaf0IbPGNgMxae72RosxM= )
+ 14400 NSEC go.dns.miek.nl. CNAME RRSIG NSEC
+ 14400 RRSIG NSEC 8 3 14400 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ jEp7LsoK++/PRFh2HieLzasA1jXBpp90NyDf
+ RfpfOxdM69yRKfvXMc2bazIiMuDhxht79dGI
+ Gj02cn1cvX60SlaHkeFtqTdJcHdK9rbI65EK
+ YHFZFzGh9XVnuMJKpUsm/xS1dnUSAnXN8q+0
+ xBlUDlQpsAFv/cx8lcp4do5fWXg= )
+go.dns.miek.nl. 1800 IN TXT "Hello!"
+ 1800 RRSIG TXT 8 4 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ O0uo1NsXTq2TTfgOmGbHQQEchrcpllaDAMMX
+ dTDizw3t+vZ5SR32qJ8W7y6VXLgUqJgcdRxS
+ Fou1pp+t5juRZSQ0LKgxMpZAgHorkzPvRf1b
+ E9eBKrDSuLGagsQRwHeldFGFgsXtCbf07vVH
+ zoKR8ynuG4/cAoY0JzMhCts+56U= )
+ 14400 NSEC www.miek.nl. TXT RRSIG NSEC
+ 14400 RRSIG NSEC 8 4 14400 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ BW6qo7kYe3Z+Y0ebaVTWTy1c3bpdf8WUEoXq
+ WDQxLDEj2fFiuEBDaSN5lTWRg3wj8kZmr6Uk
+ LvX0P29lbATFarIgkyiAdbOEdaf88nMfqBW8
+ z2T5xrPQcN0F13uehmv395yAJs4tebRxErMl
+ KdkVF0dskaDvw8Wo3YgjHUf6TXM= )
+www.miek.nl. 1800 IN CNAME a.miek.nl.
+ 1800 RRSIG CNAME 8 3 1800 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ MiQQh2lScoNiNVZmMJaypS+wDL2Lar4Zw1zF
+ Uo4tL16BfQOt7yl8gXdAH2JMFqoKAoIdM2K6
+ XwFOwKTOGSW0oNCOcaE7ts+1Z1U0H3O2tHfq
+ FAzfg1s9pQ5zxk8J/bJgkVIkw2/cyB0y1/PK
+ EmIqvChBSb4NchTuMCSqo63LJM8= )
+ 14400 NSEC miek.nl. CNAME RRSIG NSEC
+ 14400 RRSIG NSEC 8 3 14400 (
+ 20160426031301 20160327031301 12051 miek.nl.
+ OPPZ8iaUPrVKEP4cqeCiiv1WLRAY30GRIhc/
+ me0gBwFkbmTEnvB+rUp831OJZDZBNKv4QdZj
+ Uyc26wKUOQeUyMJqv4IRDgxH7nq9GB5JRjYZ
+ IVxtGD1aqWLXz+8aMaf9ARJjtYUd3K4lt8Wz
+ LbJSo5Wdq7GOWqhgkY5n3XD0/FA= )`
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-20 19:49:45 +0000