I'd like to call the attention of all of you to a NANOG posting that I made recently: https://mailman.nanog.org/pipermail/nanog/2017-August/091954.html It would appear that the network AS29073, formerly known as Ecatel, and also formerly known as Quasi Networks, and now known as Novogara Ltd. may be having a spot of bother soon. The English translation of a document that I was given a link to today appears to indicate that some or all of the principals behind this specific "bullterpoof hosting" company have been ordered by a Dutch court to answer some pointed questions about their ownnership and/or control over this "Seychelles Islands" company, and perhaps also about their alleged tendency to provide hosting for other people's intellectual property: https://uitspraken.rechtspraak.nl/inziendocument?id=ECLI:NL:RBDHA:2017:9026&showbutton=true That, of course, is not really -my- main concern. I am at the moment rather more concerned about the manner in which they came to be doing routing for a particular legacy Afrinic /14 block, i.e. the 196.16.0.0/14 block. That has not been adequately explained as of now, I think. I wonder if any of you on this list peer with this network, AS29073 and if so, why. It seems to have a rather colorful reputation, to say the least: http://www.cyberlightglobal.com/is-another-attack-on-western-financial-insti... http://news.softpedia.com/news/complex-bitcoin-phishing-scheme-leads-back-to... https://umbrella.cisco.com/blog/2016/06/20/bitcoin-wallet-phishes-reveal-rog... https://techcrunch.com/2012/08/04/grum-inside-the-takedown-of-one-of-the-wor... I can speak another time about how easy it was, apparently, for these clever fellows to slip a route object into the RIPE data base which would seem to sanction their routing of the suspect block in question. Regards, rfg