RPKI Invalids

To get an idea of route origin validation (RoV) in networks that are hosting Atlas probes, we created pings towards responding targets in BGP origins that are RPKI invalid on purpose. Measurements are done every hour (Atlas 'spread' 30 mins, which makes the measurements not hit target all around the same time), so if people deploy RoV this should be visible in these measurements within an hour. This allows to build UIs that exploit "instant gratification".

Measurements are tagged with 'campaign-rpki-invalid'

Currently running (this list is semi-structured to help machine parsing):

• dst:invalid.rpki.cloudflare.com msm_id:56294013 af:4 tal:apnic anycast:true
• dst:invalid.rpki.cloudflare.com msm_id:56877974 af:6 tal:arin anycast:true
• dst:cert-bad-origin.ris.ripe.net msm_id:56294056 af:4 tal:ripencc anycast:false
• dst:cert-bad-origin.ris.ripe.net msm_id:56878119 af:6 tal:ripencc anycast:false

Note the IPv6 measurements are created with tag 'system-ipv6-works' while I forgot to do that for the IPv4 measurements

If you know more targets like this please let me know (emile DOT aben AT ripe.net) so we can consider adding these to this set