diff options
author | Job Snijders <job@cvs.openbsd.org> | 2023-12-26 13:36:19 +0000 |
---|---|---|
committer | Job Snijders <job@cvs.openbsd.org> | 2023-12-26 13:36:19 +0000 |
commit | 2d86891e82872905e14bbbc4100fd62735e8fdb0 (patch) | |
tree | 40841f8376c1b8b4443eb9b039d84d0d8222c3a2 /etc/rpki | |
parent | 0c095b55725825f45372667a20fb23c15af43f3e (diff) |
Align the other RIRs with the recent clarifications from AFRINIC
Following https://lists.afrinic.net/pipermail/dbwg/2023-December/000496.html
Simply apply the inverse of 'afrinic.constraints' r1.2 to the other RIR files
(since no resources can be transferred from AFRINIC to any other RIRs).
OK tb@
Diffstat (limited to 'etc/rpki')
-rw-r--r-- | etc/rpki/apnic.constraints | 67 | ||||
-rw-r--r-- | etc/rpki/arin.constraints | 67 | ||||
-rw-r--r-- | etc/rpki/lacnic.constraints | 67 | ||||
-rw-r--r-- | etc/rpki/ripe.constraints | 67 |
4 files changed, 148 insertions, 120 deletions
diff --git a/etc/rpki/apnic.constraints b/etc/rpki/apnic.constraints index 357e4d45a3e..276409ade69 100644 --- a/etc/rpki/apnic.constraints +++ b/etc/rpki/apnic.constraints @@ -1,4 +1,4 @@ -# $OpenBSD: apnic.constraints,v 1.3 2023/12/19 08:10:19 job Exp $ +# $OpenBSD: apnic.constraints,v 1.4 2023/12/26 13:36:18 job Exp $ # From https://www.iana.org/assignments/ipv6-unicast-address-assignments allow 2001:200::/23 @@ -21,36 +21,43 @@ deny 105.0.0.0/8 deny 154.0.0.0/16 deny 154.16.0.0/16 deny 154.65.0.0 - 154.255.255.255 -deny 196.0.0.0/16 -deny 196.1.0.0/24 -# hole for 196.1.1.0/24 -deny 196.1.2.0 - 196.1.67.255 -# hole for 196.1.68.0/24 -deny 196.1.69.0 - 196.1.103.255 -# hole for 196.1.104.0 - 196.1.106.255 -deny 196.1.107.0/24 -# hole for 196.1.108.0/22 -deny 196.1.112.0/24 -# hole for 196.1.113.0 - 196.1.114.255 +deny 196.0.0.0 - 196.1.0.255 +deny 196.1.4.0/24 +deny 196.1.7.0 - 196.1.63.255 +deny 196.1.71.0/24 +deny 196.1.74.0 - 196.1.103.255 deny 196.1.115.0 - 196.1.133.255 -# hole for 196.1.134.0/24 -deny 196.1.135.0 - 196.3.64.255 -# hole for 196.3.65.0/24 -deny 196.3.66.0 - 196.3.71.255 -# hole for 196.3.72.0/24 -deny 196.3.73.0 - 196.12.31.255 -# hole for 196.12.32.0/19 -deny 196.12.64.0 - 196.15.15.255 -# hole for 196.15.16.0/20 -deny 196.15.32.0 - 196.29.63.255 -# hole for 196.29.64.0/19 -deny 196.29.96.0 - 196.32.31.255 -# hole for 196.32.32.0/19 -# hole for 196.32.64.0/19 -deny 196.32.96.0 - 196.39.255.255 -# hole for 196.40.0.0 - 196.40.95.255 -deny 196.40.96.0 - 197.255.255.254 - +deny 196.1.137.0/24 +deny 196.1.143.0 - 196.1.159.255 +deny 196.1.176.0 - 196.1.255.255 +deny 196.2.2.0/23 +deny 196.2.8.0 - 196.2.255.255 +deny 196.3.14.0/23 +deny 196.3.57.0 - 196.3.64.255 +deny 196.3.90.0/24 +deny 196.3.92.0 - 196.3.94.255 +deny 196.3.96.0/21 +deny 196.3.105.0/24 +deny 196.3.107.0 - 196.3.131.255 +deny 196.3.148.0/22 +deny 196.3.154.0 - 196.3.183.255 +deny 196.3.224.0 - 196.4.45.255 +deny 196.4.71.0 - 196.11.171.255 +deny 196.11.174.0 - 196.11.239.255 +deny 196.11.248.0/21 +deny 196.12.10.0 - 196.12.31.255 +deny 196.12.128.0/19 +deny 196.12.192.0 - 196.15.15.255 +deny 196.15.64.0 - 196.26.255.255 +deny 196.27.64.0 - 196.28.47.255 +deny 196.28.64.0 - 196.29.63.255 +deny 196.29.96.0 - 196.31.255.255 +deny 196.32.8.0 - 196.32.31.255 +deny 196.32.96.0/19 +deny 196.32.160.0 - 196.39.255.255 +deny 196.40.96.0 - 196.41.255.255 +deny 196.42.64.0 - 196.216.0.255 +deny 196.216.2.0 - 197.255.255.255 # From https://www.iana.org/assignments/as-numbers/ deny 36864 - 37887 deny 327680 - 328703 diff --git a/etc/rpki/arin.constraints b/etc/rpki/arin.constraints index 53d20e7dd69..4eb58fd0ca3 100644 --- a/etc/rpki/arin.constraints +++ b/etc/rpki/arin.constraints @@ -1,4 +1,4 @@ -# $OpenBSD: arin.constraints,v 1.2 2023/12/19 08:10:19 job Exp $ +# $OpenBSD: arin.constraints,v 1.3 2023/12/26 13:36:18 job Exp $ # From https://www.iana.org/assignments/ipv6-unicast-address-assignments allow 2001:400::/23 @@ -17,36 +17,43 @@ deny 105.0.0.0/8 deny 154.0.0.0/16 deny 154.16.0.0/16 deny 154.65.0.0 - 154.255.255.255 -deny 196.0.0.0/16 -deny 196.1.0.0/24 -# hole for 196.1.1.0/24 -deny 196.1.2.0 - 196.1.67.255 -# hole for 196.1.68.0/24 -deny 196.1.69.0 - 196.1.103.255 -# hole for 196.1.104.0 - 196.1.106.255 -deny 196.1.107.0/24 -# hole for 196.1.108.0/22 -deny 196.1.112.0/24 -# hole for 196.1.113.0 - 196.1.114.255 +deny 196.0.0.0 - 196.1.0.255 +deny 196.1.4.0/24 +deny 196.1.7.0 - 196.1.63.255 +deny 196.1.71.0/24 +deny 196.1.74.0 - 196.1.103.255 deny 196.1.115.0 - 196.1.133.255 -# hole for 196.1.134.0/24 -deny 196.1.135.0 - 196.3.64.255 -# hole for 196.3.65.0/24 -deny 196.3.66.0 - 196.3.71.255 -# hole for 196.3.72.0/24 -deny 196.3.73.0 - 196.12.31.255 -# hole for 196.12.32.0/19 -deny 196.12.64.0 - 196.15.15.255 -# hole for 196.15.16.0/20 -deny 196.15.32.0 - 196.29.63.255 -# hole for 196.29.64.0/19 -deny 196.29.96.0 - 196.32.31.255 -# hole for 196.32.32.0/19 -# hole for 196.32.64.0/19 -deny 196.32.96.0 - 196.39.255.255 -# hole for 196.40.0.0 - 196.40.95.255 -deny 196.40.96.0 - 197.255.255.254 - +deny 196.1.137.0/24 +deny 196.1.143.0 - 196.1.159.255 +deny 196.1.176.0 - 196.1.255.255 +deny 196.2.2.0/23 +deny 196.2.8.0 - 196.2.255.255 +deny 196.3.14.0/23 +deny 196.3.57.0 - 196.3.64.255 +deny 196.3.90.0/24 +deny 196.3.92.0 - 196.3.94.255 +deny 196.3.96.0/21 +deny 196.3.105.0/24 +deny 196.3.107.0 - 196.3.131.255 +deny 196.3.148.0/22 +deny 196.3.154.0 - 196.3.183.255 +deny 196.3.224.0 - 196.4.45.255 +deny 196.4.71.0 - 196.11.171.255 +deny 196.11.174.0 - 196.11.239.255 +deny 196.11.248.0/21 +deny 196.12.10.0 - 196.12.31.255 +deny 196.12.128.0/19 +deny 196.12.192.0 - 196.15.15.255 +deny 196.15.64.0 - 196.26.255.255 +deny 196.27.64.0 - 196.28.47.255 +deny 196.28.64.0 - 196.29.63.255 +deny 196.29.96.0 - 196.31.255.255 +deny 196.32.8.0 - 196.32.31.255 +deny 196.32.96.0/19 +deny 196.32.160.0 - 196.39.255.255 +deny 196.40.96.0 - 196.41.255.255 +deny 196.42.64.0 - 196.216.0.255 +deny 196.216.2.0 - 197.255.255.255 # From https://www.iana.org/assignments/as-numbers/ deny 36864 - 37887 deny 327680 - 328703 diff --git a/etc/rpki/lacnic.constraints b/etc/rpki/lacnic.constraints index 68fc2c94ed8..8c27213895f 100644 --- a/etc/rpki/lacnic.constraints +++ b/etc/rpki/lacnic.constraints @@ -1,4 +1,4 @@ -# $OpenBSD: lacnic.constraints,v 1.2 2023/12/19 08:10:19 job Exp $ +# $OpenBSD: lacnic.constraints,v 1.3 2023/12/26 13:36:18 job Exp $ # From https://www.iana.org/assignments/ipv6-unicast-address-assignments allow 2001:1200::/23 @@ -12,36 +12,43 @@ deny 105.0.0.0/8 deny 154.0.0.0/16 deny 154.16.0.0/16 deny 154.65.0.0 - 154.255.255.255 -deny 196.0.0.0/16 -deny 196.1.0.0/24 -# hole for 196.1.1.0/24 -deny 196.1.2.0 - 196.1.67.255 -# hole for 196.1.68.0/24 -deny 196.1.69.0 - 196.1.103.255 -# hole for 196.1.104.0 - 196.1.106.255 -deny 196.1.107.0/24 -# hole for 196.1.108.0/22 -deny 196.1.112.0/24 -# hole for 196.1.113.0 - 196.1.114.255 +deny 196.0.0.0 - 196.1.0.255 +deny 196.1.4.0/24 +deny 196.1.7.0 - 196.1.63.255 +deny 196.1.71.0/24 +deny 196.1.74.0 - 196.1.103.255 deny 196.1.115.0 - 196.1.133.255 -# hole for 196.1.134.0/24 -deny 196.1.135.0 - 196.3.64.255 -# hole for 196.3.65.0/24 -deny 196.3.66.0 - 196.3.71.255 -# hole for 196.3.72.0/24 -deny 196.3.73.0 - 196.12.31.255 -# hole for 196.12.32.0/19 -deny 196.12.64.0 - 196.15.15.255 -# hole for 196.15.16.0/20 -deny 196.15.32.0 - 196.29.63.255 -# hole for 196.29.64.0/19 -deny 196.29.96.0 - 196.32.31.255 -# hole for 196.32.32.0/19 -# hole for 196.32.64.0/19 -deny 196.32.96.0 - 196.39.255.255 -# hole for 196.40.0.0 - 196.40.95.255 -deny 196.40.96.0 - 197.255.255.254 - +deny 196.1.137.0/24 +deny 196.1.143.0 - 196.1.159.255 +deny 196.1.176.0 - 196.1.255.255 +deny 196.2.2.0/23 +deny 196.2.8.0 - 196.2.255.255 +deny 196.3.14.0/23 +deny 196.3.57.0 - 196.3.64.255 +deny 196.3.90.0/24 +deny 196.3.92.0 - 196.3.94.255 +deny 196.3.96.0/21 +deny 196.3.105.0/24 +deny 196.3.107.0 - 196.3.131.255 +deny 196.3.148.0/22 +deny 196.3.154.0 - 196.3.183.255 +deny 196.3.224.0 - 196.4.45.255 +deny 196.4.71.0 - 196.11.171.255 +deny 196.11.174.0 - 196.11.239.255 +deny 196.11.248.0/21 +deny 196.12.10.0 - 196.12.31.255 +deny 196.12.128.0/19 +deny 196.12.192.0 - 196.15.15.255 +deny 196.15.64.0 - 196.26.255.255 +deny 196.27.64.0 - 196.28.47.255 +deny 196.28.64.0 - 196.29.63.255 +deny 196.29.96.0 - 196.31.255.255 +deny 196.32.8.0 - 196.32.31.255 +deny 196.32.96.0/19 +deny 196.32.160.0 - 196.39.255.255 +deny 196.40.96.0 - 196.41.255.255 +deny 196.42.64.0 - 196.216.0.255 +deny 196.216.2.0 - 197.255.255.255 # From https://www.iana.org/assignments/as-numbers/ deny 36864 - 37887 deny 327680 - 328703 diff --git a/etc/rpki/ripe.constraints b/etc/rpki/ripe.constraints index c3357545ea9..ae63ba1903b 100644 --- a/etc/rpki/ripe.constraints +++ b/etc/rpki/ripe.constraints @@ -1,4 +1,4 @@ -# $OpenBSD: ripe.constraints,v 1.2 2023/12/19 08:10:19 job Exp $ +# $OpenBSD: ripe.constraints,v 1.3 2023/12/26 13:36:18 job Exp $ # From https://www.iana.org/assignments/ipv6-unicast-address-assignments allow 2001:600::/23 @@ -24,36 +24,43 @@ deny 105.0.0.0/8 deny 154.0.0.0/16 deny 154.16.0.0/16 deny 154.65.0.0 - 154.255.255.255 -deny 196.0.0.0/16 -deny 196.1.0.0/24 -# hole for 196.1.1.0/24 -deny 196.1.2.0 - 196.1.67.255 -# hole for 196.1.68.0/24 -deny 196.1.69.0 - 196.1.103.255 -# hole for 196.1.104.0 - 196.1.106.255 -deny 196.1.107.0/24 -# hole for 196.1.108.0/22 -deny 196.1.112.0/24 -# hole for 196.1.113.0 - 196.1.114.255 +deny 196.0.0.0 - 196.1.0.255 +deny 196.1.4.0/24 +deny 196.1.7.0 - 196.1.63.255 +deny 196.1.71.0/24 +deny 196.1.74.0 - 196.1.103.255 deny 196.1.115.0 - 196.1.133.255 -# hole for 196.1.134.0/24 -deny 196.1.135.0 - 196.3.64.255 -# hole for 196.3.65.0/24 -deny 196.3.66.0 - 196.3.71.255 -# hole for 196.3.72.0/24 -deny 196.3.73.0 - 196.12.31.255 -# hole for 196.12.32.0/19 -deny 196.12.64.0 - 196.15.15.255 -# hole for 196.15.16.0/20 -deny 196.15.32.0 - 196.29.63.255 -# hole for 196.29.64.0/19 -deny 196.29.96.0 - 196.32.31.255 -# hole for 196.32.32.0/19 -# hole for 196.32.64.0/19 -deny 196.32.96.0 - 196.39.255.255 -# hole for 196.40.0.0 - 196.40.95.255 -deny 196.40.96.0 - 197.255.255.254 - +deny 196.1.137.0/24 +deny 196.1.143.0 - 196.1.159.255 +deny 196.1.176.0 - 196.1.255.255 +deny 196.2.2.0/23 +deny 196.2.8.0 - 196.2.255.255 +deny 196.3.14.0/23 +deny 196.3.57.0 - 196.3.64.255 +deny 196.3.90.0/24 +deny 196.3.92.0 - 196.3.94.255 +deny 196.3.96.0/21 +deny 196.3.105.0/24 +deny 196.3.107.0 - 196.3.131.255 +deny 196.3.148.0/22 +deny 196.3.154.0 - 196.3.183.255 +deny 196.3.224.0 - 196.4.45.255 +deny 196.4.71.0 - 196.11.171.255 +deny 196.11.174.0 - 196.11.239.255 +deny 196.11.248.0/21 +deny 196.12.10.0 - 196.12.31.255 +deny 196.12.128.0/19 +deny 196.12.192.0 - 196.15.15.255 +deny 196.15.64.0 - 196.26.255.255 +deny 196.27.64.0 - 196.28.47.255 +deny 196.28.64.0 - 196.29.63.255 +deny 196.29.96.0 - 196.31.255.255 +deny 196.32.8.0 - 196.32.31.255 +deny 196.32.96.0/19 +deny 196.32.160.0 - 196.39.255.255 +deny 196.40.96.0 - 196.41.255.255 +deny 196.42.64.0 - 196.216.0.255 +deny 196.216.2.0 - 197.255.255.255 # From https://www.iana.org/assignments/as-numbers/ deny 36864 - 37887 deny 327680 - 328703 |