Hi,
the tables bellow show the number of IPv4 and IPv6 blocks per ASN that are unreachable in an RPKI
route origin validating (ROV) environment (this list is filtered for US ASNs based on RIPEstat ASN data).
Affected networks might soon (by the end of the year) loose the ability to talk to
Cloudflare networks since they plan to deploy ROV.
You can use the RPKI validator https://rpki-validator.ripe.net/bgp-preview
or https://bgp.he.net (prefix view) to find the specific affected prefixes
for a given ASN.
Apparently there are many using RIPE IP space, so:
The RIPE RPKI dashboard offers a notification service for these kinds of problems
and every operator should use it to get automatic alerts and avoid reduced reachability.
https://www.ripe.net/manage-ips-and-asns/resource-management/certification/resource-certification-roa-management
If the invalids are expected (i.e. to test ROV)
than you can ignore this email (and maybe drop me an email).
some more context:
https://medium.com/@nusenu/where-are-rpki-unreachable-networks-located-65c7a0bae0f8
kind regards,
nusenu
amount of RPKI INVALID and unreachable /24 blocks per ASN in US:
(data as of 2018-09-26 19:42 UTC)