Opened 12 months ago

Last modified 12 months ago

#27235 new enhancement

add route_origin_rpki_validity field

Reported by: nusenu Owned by: metrics-team
Priority: Medium Milestone:
Component: Metrics/Onionoo Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

motivation:

  • bring routing security awareness and indicators to relay operators
  • increase routing security by encouraging relay operators to ask their ISPs for properly configured prefixes

context:
https://medium.com/@nusenu/how-vulnerable-is-the-tor-network-to-bgp-hijacking-attacks-56d3b2ebfd92

this field should contain the following information:

  • RPKI ROA validity state for IPv4 and IPv6 (enum: NotFound, Invalid, Valid)
  • invalid reason for IPv4 and IPv6 (enum: 'as', 'length')

validator software by RIPE (alternatively you can use RIPEstat, but running it yourself is likely a lot faster)
https://www.ripe.net/manage-ips-and-asns/resource-management/certification/tools-and-resources

depends on: #27155

Child Tickets

Change History (2)

comment:1 Changed 12 months ago by nusenu

Summary: add rpki_state fieldadd rpki_roa_validity field

comment:2 Changed 12 months ago by nusenu

Summary: add rpki_roa_validity fieldadd route_origin_rpki_validity field
Note: See TracTickets for help on using tickets.