[routing-wg] AS201640

Hello,

I understand that there may have been some discussion of the rogue
AS201640 at the WG meeting in London.  For the benefit of those of
us who were not able to attend that, could someone (anyone) please
post a brief summary of the WG's discussion of AS201640?  (The
transcripts do not seem to be available just yet.)


Separately and additionally, I have been seeking answers to several
questions relating to AS201640, mostly on the anti-abuse WG mailing
list, but I have so far been rather spectacularly unsuccessful at
obtaining any answers whatsoever to any of these questions.  Given
that, I hope that no one will mind very much if I put these questions
here.

(Note:  I am sure that some of these questions only occur to me
because of my abundant ignorance.  I am admittedly not very
familiar with RIPE or RIPE NCC operating procedures.  I hope that
the members of this WG will show me the courtesy of forgiving my
ignorance and also attempt to remedy it.)


+_+_+_+_+_+_+_+_+_

1)  How was it possible for various IPv4 block WHOIS records to be
stored in the RIPE WHOIS DB, even though it is quite apparently the
case that, according to IANA WHOIS records, the IP blocks in question
do not even belong to the RIPE region?  Is there really no pre-checking
performed on such records before they are stored in the RIPE data base,
e.g. to see if the blocks in question belong either to RIPE or to some
other RiR?

2)  How was it possible for a particular Bulgarian commercial organization
to be granted its own AS number, when all available evidence seems to
indicate that it actually had, and has, -zero- IP addresses which are
actually and properly registered to it?  Is there really no pre-checking
performed on AS number allocations, e.g. to see if the organization
requesting the AS has at least some IP addresses?

3)  Why are some of the clearly bogus WHOIS records (for IPv4 blocks)
relating to this incident still present within the RIPE WHOIS DB, even
as we speak, in particular, these ones?

41.198.224.0/20
119.227.224.0/19
105.154.248.0/21
210.57.0.0/19
202.39.112.0/20

Is anyone anywhere still harboring *any* lingering doubt about the fact
that these are all quite plainly bogus?  If not, then why have these
records not already been removed from the WHOIS data base?

4)  Why is AS201640 still registered, as we speak?

5)  Without reference to any specific incident, AS, legal entity, or any
other specifics, I have the following very general question:

With respect to the contracts that RIPE enters into with those parties for
whom RIPE provides registration services of *AS numbers*, specifically,
are the terms and conditions of those contracts adequate and sufficient
to strongly deter any and all AS registrants from deliberately and
willfully announcing routes to IP space to which neither they nor any
of their direct or indirect customers have any legitimate claim?

+_+_+_+_+_+_

I look forward to the WG's responses to the above questions.