* Suresh Ramasubramanian:
The same thing with ARIN or any other RIR whois .. if you find a UPS store maildrop with a bunch of /20s mapped to it .. and each successive /20 you find is entirely populated with "something bad" .. then a full text search of the RIR's db for all netblocks registered to that UPS store might be instructive.
Instructive for what? As long as the responsible LIR is readily identifiable, I don't think RIPE NCC needs to get involved, at least from a network abuse perspective. Typically, the LIR is in a much better position to implement effective measures. Other LIRs may have concerns about misuse of address resources and encourage RIPE NCC to investigate things more aggressively from a resource usage perspective, but this is unrelated to actual network and abuse, and it is totally unclear whether we will experience address shortage in a significant way, ever. Admittedly, proper LIR identification is not a completely solved issue, mainly because the RIPE DB does not contain cross-references to official registers (where applicable; these are generally provided during LIR enrollment), the database does not contain the contracting LIR for provider-independent objects, and tools like the abuse mailbox finder do not implement LIR fallback even if the required information is present in the public database.