Inquiry About Publicly Available RPKI-Invalid Route Information
Greetings! I am a researcher working on BGP security in Tsinghua University, specifically focusing on ROV deployment and its effectiveness against prefix hijacking attacks. Now I am seeking information about ASes that have received or observed RPKI-Invalid routes in the wild. I'm wondering if anyone or any organization has shared or is willing to share such information? I understand that such data might be sensitive, so all these data will be used carefully and kept private. Thanks! Best regards, Jiayi
Hi, I am not sure if I understand your question correctly. If I didn't, feel free to correct me. Every single AS out there "receives" RPKI-invalid routes. They are just... there. There is a background noise of about 2-3% of RPKI-invalid routes at all times (you can check this using the NIST RPKI Monitor web). As to which specific routes are these it is possible to craft a 40 line python script that takes RIPE's riswhois dump file and matches that with the CSV output of any RPKI validator. If you ask ChatGPT nicely it will do it for you :-) Regards, /Carlos On Mon, Feb 24, 2025 at 1:44 PM 石佳一 <sjy23@mails.tsinghua.edu.cn> wrote:
Greetings! I am a researcher working on BGP security in Tsinghua University, specifically focusing on ROV deployment and its effectiveness against prefix hijacking attacks.
Now I am seeking information about ASes that have received or observed RPKI-Invalid routes in the wild. I'm wondering if anyone or any organization has shared or is willing to share such information?
I understand that such data might be sensitive, so all these data will be used carefully and kept private.
Thanks!
Best regards,
Jiayi
-- -- ========================= Carlos M. Martinez-Cagnazzo http://cagnazzo.me =========================
participants (2)
-
Carlos Martinez-Cagnazzo -
石佳一