Ruediger has a nice full list of all the other ways a prefix can be mis-announced or route leaked.  Typos, incompetence in setting up load balancers, so on and forth.  However, the number of these that are malicious and that’d be of interest to the AAWG, is much smaller, wouldn’t you say?   

 

From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net>
Date: Tuesday, 17 December 2019 at 3:16 PM
To: Ronald F. Guilmette <rfg@tristatelogic.com>, anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net>
Subject: Re: [anti-abuse-wg] FW: [aa-wg-chair] Draft Anti-Abuse WG Minutes from RIPE 79

Unfortunately as far as I am aware he is not on the list, or at least I have never seen him post here.

Brian
Co-Chair, RIPE AA-WG

Brian Nisbet
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270

> -----Original Message-----
> From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> On Behalf Of
> Ronald F. Guilmette
> Sent: Monday 16 December 2019 19:11
> To: anti-abuse-wg@ripe.net
> Subject: Re: [anti-abuse-wg] FW: [aa-wg-chair] Draft Anti-Abuse WG
> Minutes from RIPE 79
>
> In message
> <DB7PR06MB5017909EC93E301C76BA47C694510@DB7PR06MB5017.eurprd06
> .prod.
> outlook.com>, Brian Nisbet <brian.nisbet@heanet.ie> wrote:
>
> >Ruediger said that... [when] he looks at routing tables, he sees a lot
> >of odd stuff including faked origin ASes, AS paths that are not
> >technically valid, in RPKI – ROAs for ASNs that should not show up for
> >public routing. Looking at RPKI, reputation does not help because in
> >RPKI there are authorisation forecasts that are completely invalid.
>
> Due to my general ignorance of these matters, I would very much like to be
> shown some real-world and current examples of each of the above three
> alleged problems, i.e.:
>
>     *)  faked origin ASes
>
>     *)  AS paths that are not technically valid
>
>     *)  ROAs for ASNs that should not show up for public routing.
>
> I hope that Ruediger is on this list, and that he will provide me with at least
> one or two examples of each of the above.
>
> My thanks to him in advance for this.
>
>
> Regards,
> rfg