Dns-01 use cached reply from own letsencrypt ns

Checking your ip addresses manual

ns8-l2.nic.ru has the old value:

:~$ dig TXT _acme-challenge.starline.ru. @91.217.21.1

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> TXT _acme-challenge.starline.ru. @91.217.21.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9205
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 7, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;_acme-challenge.starline.ru. IN TXT

;; ANSWER SECTION:
acme-challenge.starline.ru. 60 IN TXT "iTW56-Etrv3MrqjwHZgReswRqrIh_3rYpsuIMz636I"

;; AUTHORITY SECTION:
starline.ru. 3600 IN NS ns8-l2.nic.ru.
starline.ru. 3600 IN NS ns3.ultrastar.ru.
starline.ru. 3600 IN NS ns.ultrastar.ru.
starline.ru. 3600 IN NS ns4-cloud.nic.ru.
starline.ru. 3600 IN NS ns2.ultrastar.ru.
starline.ru. 3600 IN NS ns4-l2.nic.ru.
starline.ru. 3600 IN NS ns8-cloud.nic.ru.

;; Query time: 60 msec
;; SERVER: 91.217.21.1#53(91.217.21.1)
;; WHEN: Sun May 31 00:25:56 CEST 2020
;; MSG SIZE rcvd: 269

Looks like your name server updates don't work.

And both T-adresses (87.248.236.18, 80.73.202.138) don't answer again.

1 Like