{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T01:54:25Z","timestamp":1780624465187,"version":"3.54.1"},"reference-count":77,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2023,10,20]],"date-time":"2023-10-20T00:00:00Z","timestamp":1697760000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Digital Threats"],"published-print":{"date-parts":[[2023,12,31]]},"abstract":"<jats:p>The Resource Public Key Infrastucture (RPKI) has been created to solve security shortcomings of the Border Gateway Protocol (BGP). This creates an infrastructure where resource holders (autonomous systems) can make attestations about their resources (IP-subnets). RPKI Certificate Authorities make these attestations available at Publication Points. Relying Party software retrieves and processes the RPKI-related data from all publication points, validates the data and makes it available to routers so they can make secure routing decisions. We contribute to this work by doing a threat analysis for Relying Party software, where an attacker controls a Certificate Authority and Publication Point. We implement a prototype testbed to analyse how current Relying Party software implementations react to scenarios originating from that threat model.<\/jats:p>\n          <jats:p>\u00a0\u00a0Our results show that all current Relying Party software was susceptible to at least one of the identified threats. In addition to this, we also identified threats stemming from choices made in the protocol itself. Taken together, these threats potentially allowed an attacker to fully disrupt all RPKI Relying Party software on a global scale. We elaborate on our process, and we discuss the types of responses we received from other parties. We performed a Coordinated Vulnerability Disclosure to the implementers.<\/jats:p>","DOI":"10.1145\/3617182","type":"journal-article","created":{"date-parts":[[2023,8,25]],"date-time":"2023-08-25T11:26:47Z","timestamp":1692962807000},"page":"1-24","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":9,"title":["rpkiller: Threat Analysis of the BGP Resource Public Key Infrastructure"],"prefix":"10.1145","volume":"4","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6574-2732","authenticated-orcid":false,"given":"Koen","family":"van Hove","sequence":"first","affiliation":[{"name":"NLnet Labs, Amsterdam, The Netherlands &amp; University of Twente, The Netherlands"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5685-8714","authenticated-orcid":false,"given":"Jeroen","family":"van der Ham-de Vos","sequence":"additional","affiliation":[{"name":"University of Twente, The Netherlands"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0249-8776","authenticated-orcid":false,"given":"Roland","family":"van Rijswijk-Deij","sequence":"additional","affiliation":[{"name":"University of Twente, The Netherlands"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2023,10,20]]},"reference":[{"key":"e_1_3_1_2_2","article-title":"Transport Layer Security (TLS) Extensions: Extension Definitions","author":"3rd Donald E. Eastlake","year":"2011","unstructured":"Donald E. Eastlake 3rd. 2011. Transport Layer Security (TLS) Extensions: Extension Definitions. RFC 6066. (Jan.2011). DOI:https:\/\/doi.org\/10.17487\/RFC6066","journal-title":"RFC 6066"},{"key":"e_1_3_1_3_2","volume-title":"Verification of AS_PATH Using the Resource Certificate Public Key Infrastructure and Autonomous System Provider Authorization","author":"Azimov Alexander","year":"2021","unstructured":"Alexander Azimov, Eugene Bogomazov, Randy Bush, Keyur Patel, and Job Snijders. 2021. Verification of AS_PATH Using the Resource Certificate Public Key Infrastructure and Autonomous System Provider Authorization. Internet-Draft draft-ietf-sidrops-aspa-verification-07. Internet Engineering Task Force. https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-sidrops-aspa-verification-07Work in Progress."},{"key":"e_1_3_1_4_2","volume-title":"Hypertext Transfer Protocol Version 3 (HTTP\/3)","author":"Bishop Mike","year":"2021","unstructured":"Mike Bishop. 2021. Hypertext Transfer Protocol Version 3 (HTTP\/3). Internet-Draft draft-ietf-quic-http-34. Internet Engineering Task Force. https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-quic-http-34Work in Progress."},{"key":"e_1_3_1_5_2","article-title":"Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile","author":"Boeyen Sharon","year":"2008","unstructured":"Sharon Boeyen, Stefan Santesson, Tim Polk, Russ Housley, Stephen Farrell, and Dave Cooper. 2008. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280. (May2008). DOI:https:\/\/doi.org\/10.17487\/RFC5280","journal-title":"RFC 5280"},{"key":"e_1_3_1_6_2","volume-title":"Resource Public Key Infrastructure (RPKI) Repository Requirements","author":"Bruijnzeels Tim","year":"2021","unstructured":"Tim Bruijnzeels, Randy Bush, and George G. Michaelson. 2021. Resource Public Key Infrastructure (RPKI) Repository Requirements. Internet-Draft draft-ietf-sidrops-prefer-rrdp-01. Internet Engineering Task Force. https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-sidrops-prefer-rrdp-01Work in Progress."},{"key":"e_1_3_1_7_2","article-title":"The RPKI Repository Delta Protocol (RRDP)","author":"Bruijnzeels Tim","year":"2017","unstructured":"Tim Bruijnzeels, Oleg Muravskiy, Bryan Weber, and Rob Austein. 2017. The RPKI Repository Delta Protocol (RRDP). RFC 8182. (July2017). DOI:https:\/\/doi.org\/10.17487\/RFC8182","journal-title":"RFC 8182"},{"key":"e_1_3_1_8_2","article-title":"The Resource Public Key Infrastructure (RPKI) Ghostbusters Record","author":"Bush Randy","year":"2012","unstructured":"Randy Bush. 2012. The Resource Public Key Infrastructure (RPKI) Ghostbusters Record. RFC 6493. (Feb.2012). DOI:https:\/\/doi.org\/10.17487\/RFC6493","journal-title":"RFC 6493"},{"key":"e_1_3_1_9_2","article-title":"The Resource Public Key Infrastructure (RPKI) to Router Protocol, Version 1","author":"Bush Randy","year":"2017","unstructured":"Randy Bush and Rob Austein. 2017. The Resource Public Key Infrastructure (RPKI) to Router Protocol, Version 1. RFC 8210. (Sept.2017). DOI:https:\/\/doi.org\/10.17487\/RFC8210","journal-title":"RFC 8210"},{"key":"e_1_3_1_10_2","article-title":"Decompression quines and anti-viruses","author":"Canet Margaux","year":"2017","unstructured":"Margaux Canet, Amrit Kumar, C\u00e9dric Lauradoux, Mary-Andr\u00e9a Rakotomanga, and Reihaneh Safavi-Naini. 2017. Decompression quines and anti-viruses. Proceedings of the 7th ACM Conference on Data and Application Security and Privacy (Mar2017). DOI:https:\/\/doi.org\/10.1145\/3029806.3029818","journal-title":"Proceedings of the 7th ACM Conference on Data and Application Security and Privacy"},{"key":"e_1_3_1_11_2","doi-asserted-by":"publisher","DOI":"10.23919\/TMA.2019.8784511"},{"key":"e_1_3_1_12_2","doi-asserted-by":"publisher","DOI":"10.1145\/3355369.3355596"},{"key":"e_1_3_1_13_2","unstructured":"Cloudflare. 2021. Slowloris DDoS attack. (2021). https:\/\/www.cloudflare.com\/learning\/ddos\/ddos-attack-tools\/slowloris\/"},{"key":"e_1_3_1_14_2","doi-asserted-by":"publisher","DOI":"10.1145\/2535771.2535787"},{"key":"e_1_3_1_15_2","first-page":"193","volume-title":"24th USENIX Security Symposium (USENIX Security\u201915)","author":"Ruiter Joeri de","year":"2015","unstructured":"Joeri de Ruiter and Erik Poll. 2015. Protocol state fuzzing of TLS implementations. In 24th USENIX Security Symposium (USENIX Security\u201915). USENIX Association, Washington, D.C., 193\u2013206. https:\/\/www.usenix.org\/conference\/usenixsecurity15\/technical-sessions\/presentation\/de-ruiter"},{"key":"e_1_3_1_16_2","first-page":"288","volume-title":"Proceedings of the 11th WSEAS International Conference on Applied Informatics and Communications, and Proceedings of the 4th WSEAS International Conference on Biomedical Electronics and Biomedical Informatics, and Proceedings of the International Conference on Computational Engineering in Systems Applications (AIASABEBI\u201911)","author":"Djordjevic Borislav","year":"2011","unstructured":"Borislav Djordjevic and Valentina Timcenko. 2011. Ext4 file system performance analysis in Linux environment. In Proceedings of the 11th WSEAS International Conference on Applied Informatics and Communications, and Proceedings of the 4th WSEAS International Conference on Biomedical Electronics and Biomedical Informatics, and Proceedings of the International Conference on Computational Engineering in Systems Applications (AIASABEBI\u201911). World Scientific and Engineering Academy and Society (WSEAS), Stevens Point, Wisconsin, USA, 288\u2013293."},{"key":"e_1_3_1_17_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-021-09384-1"},{"key":"e_1_3_1_18_2","unstructured":"Dragon Research Labs. 2022. rcynic Github Repository. (2022). https:\/\/github.com\/dragonresearch\/rpki.net\/tree\/master\/rp\/rcynic(last visited 2022-01-28)."},{"key":"e_1_3_1_19_2","article-title":"Additional HTTP Status Codes","author":"Fielding Roy T.","year":"2012","unstructured":"Roy T. Fielding and Mark Nottingham. 2012. Additional HTTP Status Codes. RFC 6585. (April2012). DOI:https:\/\/doi.org\/10.17487\/RFC6585","journal-title":"RFC 6585"},{"key":"e_1_3_1_20_2","doi-asserted-by":"publisher","DOI":"10.1109\/90.974527"},{"key":"e_1_3_1_21_2","doi-asserted-by":"publisher","DOI":"10.1145\/3143361.3143363"},{"key":"e_1_3_1_22_2","doi-asserted-by":"publisher","DOI":"10.1145\/2668152.2668966"},{"key":"e_1_3_1_23_2","unstructured":"Dan Goodin. 2018. Suspicious event hijacks Amazon traffic for 2 hours steals cryptocurrency. (Apr2018). https:\/\/arstechnica.com\/information-technology\/2018\/04\/suspicious-event-hijacks-amazon-traffic-for-2-hours-steals-cryptocurrency\/"},{"key":"e_1_3_1_24_2","article-title":"Cryptographic Message Syntax (CMS)","author":"Housley Russ","year":"2009","unstructured":"Russ Housley. 2009. Cryptographic Message Syntax (CMS). RFC 5652. (Sept.2009). DOI:https:\/\/doi.org\/10.17487\/RFC5652","journal-title":"RFC 5652"},{"key":"e_1_3_1_25_2","article-title":"A Profile for Resource Certificate Repository Structure","author":"Huston Geoff","year":"2012","unstructured":"Geoff Huston, Robert Loomans, and George G. Michaelson. 2012. A Profile for Resource Certificate Repository Structure. RFC 6481. (Feb.2012). DOI:https:\/\/doi.org\/10.17487\/RFC6481","journal-title":"RFC 6481"},{"key":"e_1_3_1_26_2","article-title":"Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origin Authorizations (ROAs)","author":"Huston Geoff","year":"2012","unstructured":"Geoff Huston and George G. Michaelson. 2012. Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origin Authorizations (ROAs). RFC 6483. (Feb.2012). DOI:https:\/\/doi.org\/10.17487\/RFC6483","journal-title":"RFC 6483"},{"key":"e_1_3_1_27_2","unstructured":"Internet Engineering Task Force. 2023. Introduction to the IETF. (2023). https:\/\/www.ietf.org\/about\/introduction\/"},{"key":"e_1_3_1_28_2","article-title":"Threat Model for BGP Path Security","author":"Kent Stephen","year":"2014","unstructured":"Stephen Kent and Andrew Chi. 2014. Threat Model for BGP Path Security. RFC 7132. (Feb.2014). DOI:https:\/\/doi.org\/10.17487\/RFC7132","journal-title":"RFC 7132"},{"key":"e_1_3_1_29_2","article-title":"Certification Authority (CA) Key Rollover in the Resource Public Key Infrastructure (RPKI)","author":"Kent Stephen","year":"2012","unstructured":"Stephen Kent, Geoff Huston, and George G. Michaelson. 2012. Certification Authority (CA) Key Rollover in the Resource Public Key Infrastructure (RPKI). RFC 6489. (Feb.2012). DOI:https:\/\/doi.org\/10.17487\/RFC6489","journal-title":"RFC 6489"},{"key":"e_1_3_1_30_2","doi-asserted-by":"publisher","DOI":"10.1145\/3419394.3423622"},{"key":"e_1_3_1_31_2","unstructured":"John Kristoff Bill Eaheart and Matthew P. Kemp. 2022. Aging relying party clients. (May2022). https:\/\/dataplane.substack.com\/p\/aging-relying-party-clients"},{"key":"e_1_3_1_32_2","article-title":"An Infrastructure to Support Secure Internet Routing","author":"Lepinski Matt","year":"2012","unstructured":"Matt Lepinski and Stephen Kent. 2012. An Infrastructure to Support Secure Internet Routing. RFC 6480. (Feb.2012). DOI:https:\/\/doi.org\/10.17487\/RFC6480","journal-title":"RFC 6480"},{"key":"e_1_3_1_33_2","article-title":"Manifests for the Resource Public Key Infrastructure (RPKI)","author":"Lepinski Matt","year":"2012","unstructured":"Matt Lepinski, Stephen Kent, Geoff Huston, and Rob Austein. 2012. Manifests for the Resource Public Key Infrastructure (RPKI). RFC 6486. (Feb.2012). DOI:https:\/\/doi.org\/10.17487\/RFC6486","journal-title":"RFC 6486"},{"key":"e_1_3_1_34_2","article-title":"A Profile for Route Origin Authorizations (ROAs)","author":"Lepinski Matt","year":"2012","unstructured":"Matt Lepinski, Derrick Kong, and Stephen Kent. 2012. A Profile for Route Origin Authorizations (ROAs). RFC 6482. (Feb.2012). DOI:https:\/\/doi.org\/10.17487\/RFC6482","journal-title":"RFC 6482"},{"key":"e_1_3_1_35_2","article-title":"BGPsec Protocol Specification","author":"Lepinski Matt","year":"2017","unstructured":"Matt Lepinski and Kotikalapudi Sriram. 2017. BGPsec Protocol Specification. RFC 8205. (Sept.2017). DOI:https:\/\/doi.org\/10.17487\/RFC8205","journal-title":"RFC 8205"},{"key":"e_1_3_1_36_2","unstructured":"Mitre. 2015. CVE-2015-3451. (2015). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-3451"},{"key":"e_1_3_1_37_2","unstructured":"Mitre. 2016. CVE-2016-2108. (2016). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-2108"},{"key":"e_1_3_1_38_2","unstructured":"Mitre. 2016. CVE-2016-6308. (2016). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-6308"},{"key":"e_1_3_1_39_2","unstructured":"Mitre. 2018. CVE-2018-1000613. (2018). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-1000613"},{"key":"e_1_3_1_40_2","unstructured":"Mitre. 2019. CVE-2019-17359. (2019). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-17359"},{"key":"e_1_3_1_41_2","unstructured":"Mitre. 2019. CVE-2019-6659. (2019). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-6659"},{"key":"e_1_3_1_42_2","unstructured":"Mitre. 2021. CVE-2021-3761. (2021). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-3761"},{"key":"e_1_3_1_43_2","unstructured":"Mitre. 2021. CVE-2021-3907. (2021). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-3907"},{"key":"e_1_3_1_44_2","unstructured":"Mitre. 2021. CVE-2021-3908. (2021). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-3908"},{"key":"e_1_3_1_45_2","unstructured":"Mitre. 2021. CVE-2021-3909. (2021). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-3909"},{"key":"e_1_3_1_46_2","unstructured":"Mitre. 2021. CVE-2021-3910. (2021). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-3910"},{"key":"e_1_3_1_47_2","unstructured":"Mitre. 2021. CVE-2021-3911. (2021). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-3911"},{"key":"e_1_3_1_48_2","unstructured":"Mitre. 2021. CVE-2021-3912. (2021). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-3912"},{"key":"e_1_3_1_49_2","unstructured":"Mitre. 2021. CVE-2021-43172. (2021). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-43172"},{"key":"e_1_3_1_50_2","unstructured":"Mitre. 2021. CVE-2021-43173. (2021). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-43173"},{"key":"e_1_3_1_51_2","unstructured":"Mitre. 2021. CVE-2021-43174. (2021). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-43174"},{"key":"e_1_3_1_52_2","unstructured":"Mitre. 2022. CVE-2022-3029. (2022). http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-3029"},{"key":"e_1_3_1_53_2","unstructured":"Nationaal Cyber Security Centrum. 2021. Upcoming Announcement of RPKI CVD Procedure. (Oct2021). https:\/\/web.archive.org\/web\/20211029165109\/https:\/\/english.ncsc.nl\/latest\/news\/2021\/october\/29\/upcoming-announcement-of-rpki-cvd-procedure"},{"key":"e_1_3_1_54_2","unstructured":"Nationaal Cyber Security Centrum. 2021. NCSC-2021-0987. (2021). https:\/\/www.ncsc.nl\/actueel\/advisory?id=NCSC-2021-0987"},{"key":"e_1_3_1_55_2","volume-title":"Coordinated Vulnerability Disclosure: The Guideline","author":"Netherlands National Cyber Security Centre of the","year":"2018","unstructured":"National Cyber Security Centre of the Netherlands. 2018. Coordinated Vulnerability Disclosure: The Guideline. Technical Report. Ministry of Justice and Security. https:\/\/english.ncsc.nl\/get-to-work\/publications\/publications\/2019\/juni\/01\/coordinated-vulnerability-disclosure-the-guideline"},{"key":"e_1_3_1_56_2","unstructured":"NICMx\/FORT-validator. 2021. 1.5.3 crashing repeatedly starting about an hour ago. (2021). https:\/\/github.com\/NICMx\/FORT-validator\/issues\/65"},{"key":"e_1_3_1_57_2","article-title":"Hypertext Transfer Protocol \u2013 HTTP\/1.0","author":"Nielsen Henrik","year":"1996","unstructured":"Henrik Nielsen, Roy T. Fielding, and Tim Berners-Lee. 1996. Hypertext Transfer Protocol \u2013 HTTP\/1.0. RFC 1945. (May1996). DOI:https:\/\/doi.org\/10.17487\/RFC1945","journal-title":"RFC 1945"},{"key":"e_1_3_1_58_2","article-title":"Hypertext Transfer Protocol \u2013 HTTP\/1.1","author":"Nielsen Henrik","year":"1999","unstructured":"Henrik Nielsen, Jeffrey Mogul, Larry M. Masinter, Roy T. Fielding, Jim Gettys, Paul J. Leach, and Tim Berners-Lee. 1999. Hypertext Transfer Protocol \u2013 HTTP\/1.1. RFC 2616. (June1999). DOI:https:\/\/doi.org\/10.17487\/RFC2616","journal-title":"RFC 2616"},{"key":"e_1_3_1_59_2","unstructured":"OpenBSD. 2021. OpenBSD Security. (2021). https:\/\/www.openbsd.org\/security.html"},{"key":"e_1_3_1_60_2","unstructured":"OpenBSD. 2021. OpenRsync. (2021). https:\/\/www.openrsync.org\/"},{"key":"e_1_3_1_61_2","unstructured":"OWASP. 2021. REST Security Cheat Sheet. (2021). https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/REST_Security_Cheat_Sheet.html"},{"key":"e_1_3_1_62_2","unstructured":"OWASP. 2021. XML Security Cheat Sheet. (2021). https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/XML_Security_Cheat_Sheet.html"},{"key":"e_1_3_1_63_2","article-title":"A Border Gateway Protocol 4 (BGP-4)","author":"Rekhter Yakov","year":"2006","unstructured":"Yakov Rekhter, Susan Hares, and Tony Li. 2006. A Border Gateway Protocol 4 (BGP-4). RFC 4271. (Jan.2006). DOI:https:\/\/doi.org\/10.17487\/RFC4271","journal-title":"RFC 4271"},{"key":"e_1_3_1_64_2","article-title":"The Transport Layer Security (TLS) Protocol Version 1.3","author":"Rescorla Eric","year":"2018","unstructured":"Eric Rescorla. 2018. The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446. (Aug.2018). DOI:https:\/\/doi.org\/10.17487\/RFC8446","journal-title":"RFC 8446"},{"key":"e_1_3_1_65_2","unstructured":"RIPE NCC. 2021. Become a RIPE NCC Member. (2021). https:\/\/www.ripe.net\/participate\/member-support\/become-a-member"},{"key":"e_1_3_1_66_2","unstructured":"RIPE NCC. 2021. Ending Support for the RIPE NCC RPKI Validator. (2021). https:\/\/www.ripe.net\/publications\/news\/announcements\/ending-support-for-the-ripe-ncc-rpki-validator"},{"key":"e_1_3_1_67_2","unstructured":"Rsync. 2021. Rsync Security Advisories. (2021). https:\/\/rsync.samba.org\/security.html"},{"key":"e_1_3_1_68_2","article-title":"Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)","author":"Sheffer Yaron","year":"2015","unstructured":"Yaron Sheffer, Ralph Holz, and Peter Saint-Andre. 2015. Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). RFC 7525. (May2015). DOI:https:\/\/doi.org\/10.17487\/RFC7525","journal-title":"RFC 7525"},{"key":"e_1_3_1_69_2","doi-asserted-by":"publisher","DOI":"10.1145\/3404868.3406674"},{"key":"e_1_3_1_70_2","unstructured":"Tom Strickx. 2019. How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today. (Jun2019). https:\/\/blog.cloudflare.com\/how-verizon-and-a-bgp-optimizer-knocked-large-parts-of-the-internet-offline-today\/"},{"key":"e_1_3_1_71_2","unstructured":"Andree Toonk. 2017. Popular destinations rerouted to Russia. (Dec2017). https:\/\/bgpmon.net\/popular-destinations-rerouted-to-russia\/"},{"key":"e_1_3_1_72_2","unstructured":"Nathalie Trenaman. 2021. Update on RIPE Roadmap and Experiences. (2021). https:\/\/ripe82.ripe.net\/archives\/video\/602\/RIPE 82."},{"key":"e_1_3_1_73_2","unstructured":"Iljitsch van Beijnum. 2008. Insecure routing redirects YouTube to Pakistan. (Feb2008). https:\/\/arstechnica.com\/uncategorized\/2008\/02\/insecure-routing-redirects-youtube-to-pakistan\/"},{"key":"e_1_3_1_74_2","unstructured":"Koen van Hove. 2022. Relying party resiliency platform. (Aug2022). DOI:https:\/\/doi.org\/10.5281\/zenodo.7572512"},{"key":"e_1_3_1_75_2","doi-asserted-by":"crossref","unstructured":"Mathy Vanhoef. 2017. Key Reinstallation Attacks - Breaking WPA2 by forcing nonce reuse. (2017). https:\/\/www.krackattacks.com\/","DOI":"10.1145\/3133956.3134027"},{"key":"e_1_3_1_76_2","doi-asserted-by":"publisher","DOI":"10.1145\/2834050.2834102"},{"key":"e_1_3_1_77_2","volume-title":"Tree Hints for the Resource Public Key Infrastructure (RPKI)","year":"2021","unstructured":"Koen van Hove. 2021. Tree Hints for the Resource Public Key Infrastructure (RPKI). Internet-Draft. Internet Engineering Task Force. withheldfordouble-blindreviewWork in Progress."},{"key":"e_1_3_1_78_2","article-title":"BGPChain: Constructing a secure, smart, and agile routing infrastructure based on blockchain","author":"Yan Zhiwei","year":"2021","unstructured":"Zhiwei Yan and Jong-Hyouk Lee. 2021. BGPChain: Constructing a secure, smart, and agile routing infrastructure based on blockchain. ICT Express (2021). DOI:https:\/\/doi.org\/10.1016\/j.icte.2020.12.005","journal-title":"ICT Express"}],"container-title":["Digital Threats: Research and Practice"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3617182","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3617182","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:36:07Z","timestamp":1750178167000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3617182"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,20]]},"references-count":77,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2023,12,31]]}},"alternative-id":["10.1145\/3617182"],"URL":"https:\/\/doi.org\/10.1145\/3617182","relation":{},"ISSN":["2692-1626","2576-5337"],"issn-type":[{"value":"2692-1626","type":"print"},{"value":"2576-5337","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,10,20]]},"assertion":[{"value":"2023-03-27","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-08-03","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-10-20","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}