|
Since the RIPE NCC launched its Resource Certification service, there is a steady increase in the number of prefixes covered by certificates.
The Resource Certification (RPKI) service was launched at the beginning of 2011. The system enables network operators to perform Border Gateway Protocol (BGP) origin validation, which means that they can securely verify if a BGP route announcement has been authorised by the legitimate holder of the address block.
Using their resource certificate, network operators can create cryptographically validatable statements about the route announcements they authorise to be made with the prefixes they hold. These statements are called Route Origin Authorisations (ROAs). A ROA states which Autonomous System (AS) is authorised to originate a certain IP address prefix.
So far, 10% of the RIPE NCC membership has opted into requesting a Resource Certificate. In the graph below, you can see the number of IPv4 prefixes (blue) and IPv6 prefixes (red) that have been certified by RIPE NCC members using their certificate. More than 900 IPv4 prefixes are certified. That means that more thanĀ 10% of the IPv4 address space the RIPE NCC is maintaining is covered by certificates. For IPv6, around 250 prefixes are certified. This is a relatively high number compared to the total number of IPv6 prefixes in the routing system.
More information:
• Find out more information about certification.
• See more RPKI related statistics.
• See RIPE Labs for other related information about IP address space.
Sponsored byRadix
Sponsored byDNIB.com
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byVerisign
Sponsored byCSC
Sponsored byWhoisXML API