Bonjour La liste, I’ve been trying to get in touch with someone at SFR to ask them to fix their RPKI + ROA configuration. I tried Pedro Gasalho and Xavier Caillaud but that didn’t work so far.
Analysis of the RPKI data set shows that 160 BGP announcements that are done with SFR address space are flagged as RPKI invalid (i.e. a hijack). More and more operators are using the RPKI data set for making routing decisions and I wouldn’t want incorrect invalids to affect the reachability, or that of their customers: http://majesticmoose.net/various/fr.ldcomnet_invalids.txt Examples: Prefixes being originated from the correct AS, but they are more specific than is allowed by the ROA: http://localcert.ripe.net:8088/bgp-preview?q=86.65.48.0/24 Prefixes is a more specific announcement of the aggregate and is done from other (customer) ASNs: http://localcert.ripe.net:8088/bgp-preview?q=79.89.230.0/24 Thanks for any help anyone can offer, Alex Band Product Manager RIPE NCC --------------------------- Liste de diffusion du FRnOG http://www.frnog.org/
