[GTER] Fwd: Routinator 3000 and the RPKI project

Christian David davidchristia at gmail.com
Wed Nov 7 19:42:26 -02 2018

-------- Mensagem encaminhada --------
Assunto: 	Routinator 3000 and the RPKI project
Data: 	Wed, 7 Nov 2018 15:30:12 +0700
De: 	Alex Band <alex at nlnetlabs.nl>
Para: 	NANOG list <nanog at nanog.org>

Hello all!

Several months ago NLnet Labs committed to building a free open source 
RPKI toolset to help making BGP routing more secure. This project 
includes a Certificate Authority, allowing you to run a Delegated CA on 
your own systems as a child of one or more RIRs, a Publication Server 
that lets you publish RPKI material or let a third party do it on your 
behalf and lastly Relying Party software, in order to validate RPKI data 
and feed it to your routers.

I want to give you a little update on where we are now. Since kicking 
off this project, RIPE NCC and NIC.br have graciously committed to 
funding these efforts, ensuring we can dedicate full time resources on 
this in the coming years.
In the mean time, we’ve released (and then fixed :cough:) the first 
version of our Relying Party software. It’s designed to be super lean 
(as in, runs fine on a Pi Zero) and implements the basic set of 
functionality: fetching and validating RPKI data and exposing route 
origin attestations both as output (CSV, JSON, RPSL) and to routers via 
the RPKI-RTR protocol.
We’re very much looking forward to your operational feedback, to ensure 
this package runs well in a wide variety of environments. Going forward, 
we’ll be focussing on monitoring for the next release.

You can find the source code and further details on Github:


Alex Band
NLnet Labs

More information about the gter mailing list