rov 0.0.1

Offline Internet route origin validation using RPKI, IRR, and RIRs delegated databases

route-origin-validator

Offline Internet route origin validation using RPKI, IRR, and RIRs delegated databases

This python library is designed for validating a large number of routes in one shot. It downloads IRR, RPKI, and delegated databases to avoid network overhead for each query.

Installation

pip install rov

Usage:

In python (recommended for large batches)

import json
from ihr.rov import ROV

# list of routes we want to validate
routes = [
    ['1.1.1.0/24', 13335],
    ['2.2.2.0/24', 3215],
    ['3.3.3.0/24', 16509],
    ['4.4.4.0/24', 198949],
    ['5.5.5.0/24', 6805],
    ]
    

rov = ROV()

# optional: download latest databases if needed
rov.download_databases()

# read databases, this may take a minute or so
rov.load_databases()

# this should be super fast
for prefix, asn in routes:
    state = rov.check(prefix, asn)
    print(prefix)
    print(json.dumps(state, indent=4))

# prints this:
#1.1.1.0/24
#{
#    "irr": "Valid",
#    "rpki": "Valid",
#    "delegated": {
#        "prefix": {
#            "status": "assigned",
#            "prefix": "1.1.1.0/24",
#            "date": "20110811",
#            "registry": "apnic",
#            "country": "AU"
#        },
#        "asn": {
#            "status": "assigned",
#            "registry": "arin"
#        }
#    }
#}
#2.2.2.0/24
#{
#    "irr": "Invalid,more-specific",
#    "rpki": "Invalid,more-specific",
#    "delegated": {
#        "prefix": {
#            "status": "assigned",
#            "prefix": "2.0.0.0/12",
#            "date": "20100712",
#            "registry": "ripencc",
#            "country": "FR"
#        },
#        "asn": {
#            "status": "assigned",
#            "registry": "ripencc"
#        }
#    }
#}
#3.3.3.0/24
#{
#    "irr": "NotFound",
#    "rpki": "Valid",
#    "delegated": {
#        "prefix": {
#            "status": "assigned",
#            "prefix": "3.0.0.0/9",
#            "date": "20171220",
#            "registry": "arin",
#            "country": "US"
#        },
#        "asn": {
#            "status": "assigned",
#            "registry": "arin"
#        }
#    }
#}
#4.4.4.0/24
#{
#    "irr": "Valid",
#    "rpki": "NotFound",
#    "delegated": {
#        "prefix": {
#            "status": "assigned",
#            "prefix": "4.0.0.0/9",
#            "date": "19921201",
#            "registry": "arin",
#            "country": "US"
#        },
#        "asn": {
#            "status": "assigned",
#            "registry": "ripencc"
#        }
#    }
#}
#5.5.5.0/24
#{
#    "irr": "Invalid,more-specific",
#    "rpki": "Invalid,more-specific",
#    "delegated": {
#        "prefix": {
#            "status": "assigned",
#            "prefix": "5.4.0.0/14",
#            "date": "20120425",
#            "registry": "ripencc",
#            "country": "DE"
#        },
#        "asn": {
#            "status": "assigned",
#            "registry": "ripencc"
#        }
#    }
#}

    

Command line

>> python3 src/rov.py 8.8.8.0/24 15169 
{'irr': 'Valid', 'rpki': 'Valid'}

>> python3 src/rov.py 8.8.8.0/25 15169
{'irr': 'Invalid,more-specific', 'rpki': 'Invalid,more-specific'}

>> python3 src/rov.py 1.0.0.0/16 15169
{'irr': 'NotFound', 'rpki': 'NotFound'}