Please note that we have volunteered to have all of our products and libraries analyzed by LLM tooling, so you can expect security releases for pretty much everything, down to libraries like rpki-rs and projects in maintenance mode like ldns.
Please note that we have volunteered to have all of our products and libraries analyzed by LLM tooling, so you can expect security releases for pretty much everything, down to libraries like rpki-rs and projects in maintenance mode like ldns.
I'll be at #NetUK3 in London on 6 July — come say hi if you're there! 🐦⬛
My talk: "When UK Traffic Takes an Unplanned Detour: Routing Security for the UK Peering Community" (13:15, The Porter Tun)
The pitch: RPKI ROV alone isn't enough. ASPA is here, and BMP provides the observability layer to see what's happening inside your network before an incident.
Practical roadmap. Real incidents. Live demo of RAVEN.

NetUK3 will be held on 6th & 7th of July 2026 in London. NetUK is an open and vibrant community of individuals and organisations that are passionate about network infrastructure and wider internet technologies across the United Kingdom. Its events enable participants to share key technical knowledge, discover community achievements, develop industry connections and promote participation regardless of experience or background. Please note that if you are attending a workshop, registration...
🚨 Security release! 🚨
Routinator 0.15.2 ‘Irgendwas ist immer’ is now available, This release fixes a number of vulnerabilities and security issues identified by a security audit performed by @x41sec which was kindly funded by @sovtechfund.
We advise all users to upgrade at their earliest convenience.
https://community.nlnetlabs.nl/t/routinator-0-15-2-irgendwas-ist-immer-released/3400

We are pleased to announce the latest release of Routinator, version 0.15.2 ‘Irgendwas ist immer.’ Routinator is an RPKI relying party software that collects and validates statements in the Resource Public Key Infrastructure (RPKI) about allowed route origins and makes them available to the BGP workflow. This release fixes a number of issues discovered during a security audit of Routinator performed earlier this year by X41 D-Sec which was kindly financed by Sovereign Tech Agency. The securi...
Weekend Reads
* Centrality in the DNS
https://www.potaroo.net/ispcol/2026-05/dns-centrality.html
* RPKI RP fuzzing analysis
https://arxiv.org/abs/2605.26651
* Iran Internet partial restoration
https://blog.cloudflare.com/iran-internet-partially-restored-may-2026/
* Enterprise security for the AI era
https://arxiv.org/abs/2605.22985
* Characterizing Starlink queuing configuration
https://arxiv.org/abs/2605.27717
La cybersécuritay, c'est compliquay. Comment la Corée du Nord a coupé sa liaison Internet en voulant la sécuriser. https://labs.ripe.net/author/romain_fontugne/from-bgp-data-to-insight-simplifying-real-time-routing-analysis/
🚨 More new routing insights on Radar!
- Track #RPKI ROA deployment history at a global/country/ASN level, going back 3+ years for valid prefixes & address space
https://radar.cloudflare.com/routing/rpki#rpki-roa-deployment
- Country level announced IP address space graphs now include a "Show top ASes" toggle. Stacked area graphs make it easier to identify the providers behind large address space withdrawals.
Weekend Reads
* How crazy is .internal/DOT
https://ant.isi.edu/~hardaker/papers/2026-04-27-analyzing-dot-internal-to-dot.pdf
* RIPE NCC RPKI exploit chain
https://mxsasha.eu/posts/ripe-ncc-rpki-exploit-chain/
* Bellovin book: Don't get hacked
https://www.cs.columbia.edu/~smb/homesec/index.html
* Internet Protocol Journal May 2026
https://ipj.dreamhosters.com/wp-content/uploads/2026/04/291-ipj.pdf
* Cloudflare 2026-Q1 Internet disruptions report
https://blog.cloudflare.com/q1-2026-internet-disruption-summary/
As the RPKI ecosystem continues to evolve to provide the data for securing BGP Internet routing, the foundations are being laid for the long term need for forensic analysis tools and the long term study of that ecosystem.
For BGP, we've long had the MRT files gathered by various looking glass projects such as route-views. That data today is part of long term trend analysis for BGP and a tool for triaging global routing problems.
The rpki-views work and related IETF drafts for it, largely driven by Job Snijders, is providing a way to capture the state of the RPKI. As Internet routing analysis eventually becomes more dependent on the state of the RPKI at a given moment, such state becomes a critical component of any ex post facto analysis of BGP routing security from BGP routing data.
While the attached article is effectively discussing an "oops" while building out this ecosystem, it provides a good set of links to spelunk for the above topics.
https://blog.qrator.net/en/repairing-the-rpkiviews-h1-2026-archives_227/