[lacnog] Origin Validation Looking Glass // English version

[Carlos Martinez-Cagnazzo]

Hello all, this is the English version of our earlier email regarding
our new tool, the Origin Valdation Looking Glass.

We at LACNIC have implemented a tool that downloads a daily BGP
routing table dump from RIPE's RIS Project (http://ris.ripe.net) and
compares it to the validated ROAs obtained from the five RIRs RPKI
Repositories.This allows the tool to identify BGP prefix announcements
that would be detected either as valid or invalid by routers
performing origin validation (if they were in operation today)

The tool is available through this URL:
http://www.labs.lacnic.net/rpkitools/looking_glass/

The database is refreshed once a day (7 am GMT-2). All feedback is of
course welcome. Beware that it is pretty crude at this point and also
be warned that it can blow up in your face without warning :-)

A few interesting figures:

- There are approximately ~5300 invalid prefixes- There are
approximately ~2800 valid prefixes
Out of the invalid prefixes we can see that:
- There are ~ 3100 invalids due to bad maxLen (more specific routes
currently being announced)- There are ~ 2200 invalids due to wrong
origin AS (routes announced by an AS that does not match the origin AS
specified in the covering ROA)
Some recommendations:

- If you have created ROAs, please take a minute to perform some
searches on your prefixes. If you have any questions regarding
possible invalid announcements, please do not hesitate to contact us
by private email

- If you want to create ROAs, and need help/support, also please
contact us directly.
We are working on adding some additional features. We'll keep you posted!
Have a nice weekend!
Carlos