Goline Logo
Goline It Services Logo

Home

About Us

Services

Solutions

Systems Architecture

Support

FAQ

News

  • GOLINE SA Announces Strategic Partnership with NetApp November 7th, 2025
    GOLINE SA is excited to announce a new partnership with NetApp, a global leader in cloud data services and storage solutions. This collaboration aims to help organizations modernize their IT infrastructure, streamline data management, and enhance performance across cloud and hybrid environments. Modern Data Solutions for Businesses Through this partnership, GOLINE integrates advanced data management solutions, enabling businesses to securely store, manage, and access critical information across cloud, on-premises, or hybrid setups. Clients can benefit from: Flexible and scalable storage solutions to meet growing data needs Simplified management of cloud and on-premises environments Enterprise-grade security for sensitive and mission-critical data...
  • GOLINE SA Announces Partnership with Omnissa November 7th, 2025
    GOLINE SA is proud to announce a new strategic partnership with Omnissa, a global leader in digital workspace platforms and Horizon Cloud Service solutions. This collaboration marks a significant step forward in helping organizations embrace secure, flexible, and high-performance work environments. Why Choose Omnissa for Your Business? The platform enables virtual desktops, applications, and unified endpoint management. Organizations can deploy scalable workspaces across cloud, hybrid, or on-premises setups. Key benefits include: Easy access to desktops and apps on any device Centralized management for Windows, macOS, iOS, Android, and ChromeOS Strong security with access controls and multi-factor authentication Automated scaling to...
  • GOLINE SA partners with Cloudflare November 6th, 2025
    Goline is proud to announce a strategic partnership with Cloudflare, the world leader in web performance and security solutions. This collaboration aims to provide goline.ch customers with state-of-the-art protection against cyber threats while delivering lightning-fast website performance. Through this partnership, Goline integrates Cloudflare’s advanced services, including DDoS protection, CDN caching, DNS security, and edge computing, allowing businesses to secure and optimize their websites effortlessly. Users will benefit from improved page load speed, enhanced reliability, and robust defense against malicious attacks. This partnership with Cloudflare enables goline to offer unmatched security and performance solutions to clients. By leveraging Cloudflare’s cutting-edge technology,...

Route RPKI validation

Posted on 1 April 2022
Route RPKI validation

RPKI is a security framework by which network owners can validate and secure the critical route updates or Border Gateway Protocol (BGP) announcements between public Internet networks. RPKI validation plays a crucial role in ensuring the security and authenticity of these updates. BGP is essentially the central nervous system of the Internet and one of its fundamental building blocks.

The main function of BGP is to facilitate efficient routing between Autonomous Systems (AS), by building and maintaining the Internet routing table.
The Internet routing table is effectively the navigation system of the Internet and without it, traffic would be unable to flow between its constituent networks.

Unfortunately, routing equipment alone cannot distinguish between legitimate and malicious routing announcements, but network operators who implement RPKI validation and filtering can choose to reject announcements from networks not authorised to advertise those resources.
In other words, RPKI is essentially a secure identification system for the BGP route information between autonomous systems.

Route Origin Validation

With route origin validation (ROV), the RPKI system tries to closely mimic what route objects in the IRR intend to do, but then in a more trustworthy manner. It also adds a couple of useful features.

Origin validation is currently the only functionality that is operationally used. The five RIRs provide functionality for it, there is open source software available for creation, publication and use of data, and all major router vendors have implemented ROV in their platforms. Various router software implementations offer support for it, as well.

Route Origin Authorisations

Using the RPKI system, the legitimate holder of a block of IP addresses can use their resource certificate to make an authoritative, signed statement about which autonomous system is authorised to originate their prefix in BGP. These statements are called Route Origin Authorisations (ROAs).

Maximum Prefix Length

In addition to the origin AS and the prefix, the ROA contains a maximum length (maxLength) value. This is an attribute that a route object in RPSL doesn’t have. Described in RFC 6482, the maxLength specifies the maximum length of the IP address prefix that the AS is authorised to advertise. This gives the holder of the prefix control over the level of deaggregation an AS is allowed to do.

For example, if a ROA authorises a certain AS to originate 192.0.1.0/24 and the maxLength is set to /25, the AS can originate a single /24 or two adjacent /25 blocks. Any more specific announcement is unauthorised by the ROA. Using this example, the shorthand notation for prefix and maxLength you will often encounter is 192.0.1.0/24-25.

GOLINE, AS202032 is matching RPKI validation state and rejects invalids ‘invalid == reject’

Discover all posts.

Get more info about our society

78 / 100 SEO Score
0
Would love your thoughts, please comment.x
()
x