RPKI Validation Status
- class prsw.stat.rpki_validation_status.RPKIValidationStatus(RIPEstat, resource, prefix: ip_network)
This data call returns the RPKI validity state for a combination of prefix and Autonomous System. This combination will be used to perform the lookup against the RIPE NCC’s RPKI Validator, and then return its RPKI validity state.
Reference: https://stat.ripe.net/docs/data_api#rpki-validation
Property
Description
prefixThe prefix this query is based on
resourceThe ASN this query is based on.
statusThe RPKI validity state, according to RIPE NCC’s RPKI validator
validating_roasA list if validating ROAs
import prsw ripe = prsw.RIPEstat() result = ripe.rpki_validation_status(3333, '193.0.0.0/21') print(result.status) for roa in result.validating_roas: # ROA( # origin=3333, # prefix=IPv4Network('193.0.0.0/21'), # validity='valid', # source='RIPE NCC RPKI Root', # max_length=21 # ) print(roa.origin, roa.prefix, roa.validity, roa.source)
- __init__(RIPEstat, resource, prefix: ip_network)
Initialize and request RPKIValidationStatus.
- Parameters
resource – The ASN used to perform the RPKI validity state lookup.
prefix – The prefix to perform the RPKI validity state lookup. Note the prefix’s length is also taken from this field.
- property prefix
The prefix this query is based on.
- property resource
The ASN this query is based on.
- property status
The RPKI validity state, according to RIPE NCC’s RPKI validator. Possible states are:
"valid"the announcement matches a roa and is valid"invalid_asn"there is a roa with the same (or covering) prefix, but a different ASN"invalid_length"the announcement’s prefix length is greater than the ROA’s maximum length"unknown"no ROA found for the announcement
- property validating_roas
A list of validating ROAs.
Returns a list of ROA named tuples with the following properties:
Property
Description
originInt representing the AS
prefixIPv4Network or IPv6Network of the ROA record
sourceSource of the ROA
max_lengthMaximum permitted prefix length int