On Thu, Oct 18, 2018 at 01:01:50PM +0300, Alexander Azimov wrote:
In the attachment is raw data that was used in https://ripe77.ripe.net/presentations/123-RIPE-NONAUTH.azimov.pdf It shows a list of globally visible prefixes that have route objects ONLY in RIPE-NONAUTH. For these prefixes, the removal of route objects from this database may lead to DoS.
I somewhat disagree with your use of the word "denial of service" in this context. :-) The route objects are *only* removed if the owner of the prefix creates a RPKI ROA - and iff they *do* create a RPKI ROA, a route object is automatically published via NTT's IRR service. Question (which may be really hard to answer) - how many of those prefix holders are able to create RPKI ROAs for those prefixes? Kind regards, Job