This release doesn’t introduce any new features but rather is a collection of bug fixes and minor improvements.
- Added a --disable-rsync command line and disable-rsync configuration file option to, well, disable rsync. (#229)
- Fall back to rsync data if RRDP data is missing in no-update mode. (This only caused trouble if you are fabricating a repository cache directory from rsync-only data.) (#223)
- Try creating the parent directories before moving a file published via RRDP delta to its final location. This avoids regular fallback to snapshots. (#227)
- Consider previously manipulated files when processing a sequence of multiple RRDP deltas. This avoids occasional fallback to snapshots. (#228)
- Fixed a decoding error in manifests which caused certain manifests (which don’t currently seem to exist in the wild) to be rejected. (via rpki-rs #78)
- The /rpsl endpoint of the HTTP server accidentally produced CSV output. (#238)
- Produce a formatting of the time elements of RPSL with a stable length. This makes the RPSL output via the HTTP server correct and also decreases the size of the RPSL output by about twenty percent. (#243)
- Suppressing debug log from some dependencies for stderr and file logging. (#224)
This is a bug fix release that primarily fixes an issue in 0.6.0 where the serial number for RTR was not updated when new data became available, resulting in RTR clients getting stuck with old data.
- RRDP access statistics are now also shown in the /status HTTP endpoint. They were already part of the Prometheus metrics. (#218)
- The RTR serial number was not increased when new data became available. (#215)
- The RRDP client will not complain if it can’t read a non-existing state file anymore as this is a completely normal situation. (#217)
This release contains a bug that leaves RTR clients stuck with old data. Please do not use this release if you are using Routinator with RTR and upgrade to 0.6.1 instead.
This release adds support for the RPKI Repository Delta Protocol (RRDP), an alternative method of fetching RPKI data that uses HTTPS instead of rsync. RRDP will speed up synchronisation for frequently updated repositories, for instance when Routinator is running in server mode. For the RRDP implementation, most of the internal logic of Routinator has been rewired. We used this opportunity for extensive refactoring and cleanup of the code base.
One user visible consequence is that the listeners for RTR and HTTP are now started immediately instead of waiting until after the first validation run. They still will report an error message until then, but at least you won’t
have to wonder whether something went wrong anymore.
- Removed the rsync-count command line and configuration file option.
This option is now unused as modules are now rsynced only when they are
actually accessed. (#187)
- The default value for refresh has been lowered to 600 seconds.
- The refresh time placed in the RTR End-of-data PDU is now calculated
from the time until the next validation run is expected to finish.
- The listeners for RTR and HTTP in server mode are now started right away
and report an error until the first validation has finished. (#203)
- Routinator now supports RRDP for synchronizing repository content.
- Restructured repository directory. The rsync data now lives in a
rsync. The main repository directory will now be
kept clean and all unexpected files removed. (#187)
- In server mode, the repository will be refreshed and re-validated when
the first object expires. (#191)
- Protection against loops in the CA structure: Routinator checks that any
subject key identifier only appears once in the chain from a trust
anchor to a CA certificate. (#192)
- Routinator now explicitly skips .cer files that aren’t CA certificates
before even trying to validate them. This already happened before
because these files failed validation. (#194)
- New options
group for setting the user and group names a
detached server process should be run as. (#213)
- Fixed crash if the TAL directory is empty. Routinator will complain but
run since there could be local exceptions. (#212)
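The loop protection from #192 above, sketched as an added example (not Routinator's code). It assumes the repository is modelled as a map from a CA's subject key identifier to the identifiers of the CA certificates published under it; the one-byte identifiers, type names and data set are constructed for illustration.

```rust
use std::collections::HashMap;

/// Subject key identifier, shortened to one byte for the constructed data.
pub type Ski = u8;

/// Constructed repository: for each CA key, the subject key identifiers
/// of the CA certificates published under it.
pub fn sample_repo() -> HashMap<Ski, Vec<Ski>> {
    let mut repo = HashMap::new();
    repo.insert(0xA0, vec![0xB0, 0xC0]); // trust anchor issues B0 and C0
    repo.insert(0xB0, vec![0xD0]);
    repo.insert(0xD0, vec![0xB0, 0xE0]); // D0 certifies B0 again: a loop
    repo
}

pub struct Walk {
    pub accepted: Vec<Ski>,      // CAs processed, in visit order
    pub rejected: Vec<Vec<Ski>>, // chains cut off at a repeated identifier
}

/// Depth-first walk from a trust anchor that refuses any CA whose subject
/// key identifier already occurs in the chain leading to it.
pub fn walk_from(ta: Ski, repo: &HashMap<Ski, Vec<Ski>>) -> Walk {
    let mut out = Walk { accepted: Vec::new(), rejected: Vec::new() };
    visit(ta, repo, &mut Vec::new(), &mut out);
    out
}

fn visit(ski: Ski, repo: &HashMap<Ski, Vec<Ski>>, chain: &mut Vec<Ski>, out: &mut Walk) {
    if chain.contains(&ski) {
        // Without this check the B0 -> D0 -> B0 cycle would recurse forever.
        let mut bad = chain.clone();
        bad.push(ski);
        out.rejected.push(bad);
        return;
    }
    chain.push(ski);
    out.accepted.push(ski);
    if let Some(children) = repo.get(&ski) {
        for &child in children {
            visit(child, repo, chain, out);
        }
    }
    chain.pop(); // the identifier may still appear in a different chain
}

fn main() {
    let walk = walk_from(0xA0, &sample_repo());
    println!("accepted: {:02X?}", walk.accepted);
    println!("rejected: {:02X?}", walk.rejected);
}
```

The check is per chain, so a rejected certificate only cuts off the branch below it; the rest of the tree is still processed.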
This release adds actual RPKI origin validation to Routinator itself.
An address prefix and AS number can now be checked for its RPKI status
on the command line via the new
validate command or via the HTTP server.
The latter is provided in a way compatible with the
API provided by the RIPE NCC RPKI Validator.
The release also includes some breaking changes to the Prometheus metrics.
Back when we introduced those, we chose names for the metrics that didn’t
start with a prefix identifying them as coming from Routinator.
This is now corrected and all metrics start with
While at it, we added new metrics for the rsync commands being run by
Routinator, showing both their exit status codes and how long they took.
In addition, there have been quite a few internal plumbing changes. One more
visible change is that Routinator will now delete the data for rsync modules
that aren’t referenced anymore, keeping the local repository clean and small.
- Prometheus metrics are now prefixed with
routinator_. (#162 by
rsync call. This seems to be available on
most rsync versions in use. Should that not be the case, you can use
rsync-args config file option to define your own set of rsync
arguments, overriding this behaviour. (#176)
- The local copy of the repository is now cleaned up after each validation
run, removing directories and files that weren’t referenced during the
run. This can be disabled with the new
--dirty command line and dirty config file options. (#180)
- You can now check pairs of address prefix and AS number for their RPKI
origin validation status either via the HTTP interface or the new
command. The HTTP API is the same as that used by the RIPE NCC RPKI
Validator for easy migration. (#173)
- Output format summary which will print a summary of the content of the
RPKI repository. (#167)
- The ARIN TAL can now be skipped during
- Various commands have received a --complete option that causes them to
exit with status code 2 if any of the rsync commands fails. (#177)
- Additional metrics showing the status and duration of rsync commands.
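How a prefix and origin AS pair resolves to an RPKI status, as an added example following the route origin validation rules of RFC 6811 (not Routinator's code). It is IPv4 only, and the Vrp type, function names and sample VRPs are constructed for illustration.

```rust
use std::net::Ipv4Addr;

#[derive(Debug, PartialEq, Clone, Copy)]
pub enum State { Valid, Invalid, NotFound }

/// One validated ROA payload (IPv4 only in this sketch).
pub struct Vrp { pub prefix: Ipv4Addr, pub len: u8, pub max_len: u8, pub asn: u32 }

/// Constructed VRPs using documentation prefixes and ASNs.
pub fn sample_vrps() -> Vec<Vrp> {
    vec![
        Vrp { prefix: Ipv4Addr::new(192, 0, 2, 0), len: 24, max_len: 24, asn: 64496 },
        Vrp { prefix: Ipv4Addr::new(198, 51, 100, 0), len: 24, max_len: 25, asn: 64497 },
    ]
}

/// True if the first `len` bits of `addr` equal those of `prefix`.
fn covers(prefix: Ipv4Addr, len: u8, addr: Ipv4Addr) -> bool {
    let mask = if len == 0 { 0 } else { u32::MAX << (32 - u32::from(len)) };
    (u32::from(prefix) & mask) == (u32::from(addr) & mask)
}

/// Status of the announcement `addr/len` originated by `origin`.
pub fn validate(vrps: &[Vrp], addr: Ipv4Addr, len: u8, origin: u32) -> State {
    let mut covered = false;
    for v in vrps {
        // A VRP covers the route if its prefix is equal or less specific.
        if v.len <= len && covers(v.prefix, v.len, addr) {
            covered = true;
            // It matches only if the origin agrees and the route is not
            // more specific than the VRP's maximum length allows.
            if v.asn == origin && len <= v.max_len {
                return State::Valid;
            }
        }
    }
    // Covered but never matched: the announcement conflicts with the VRPs.
    if covered { State::Invalid } else { State::NotFound }
}

fn main() {
    let vrps = sample_vrps();
    let net = Ipv4Addr::new(192, 0, 2, 128);
    // A /25 under a VRP with maximum length 24, same origin AS.
    println!("{:?}", validate(&vrps, net, 25, 64496));
}
```

A more specific announcement from the right origin AS is still invalid when it exceeds the maximum length, which is the case that catches sub-prefix hijacks.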
This release fundamentally changes the command line options for
running the server and introduces a new way to initialize the local RPKI
repository used by Routinator. If you have been using previous releases,
you will likely have to adjust your tooling. We apologize for this, but
we also feel that the new commands are more intuitive and logical.
The command for running the server (previously
rtrd) is now called
server. It will not detach from the terminal anymore unless
explicitly instructed via the
When we added HTTP support, we intended it to be for monitoring only.
But it turned out that using HTTP is very useful for integrating Routinator
into existing workflows, so we now make HTTP a first class protocol. Since
this means that users may want to use the server mode without RTR,
Routinator will not listen on any ports by default any more. Instead, you
will have to explicitly choose the protocols, addresses, and ports to listen
on. The options for listening are now more intuitive, too:
--rtr for RTR
--http for HTTP.
Previously, Routinator automatically installed the TALs if the TAL
directory wasn’t present and then stopped because of the missing ARIN TAL.
This made it difficult to automatically install TALs in deployments.
This release replaces the automatic mechanism with a manual procedure that
is invoked by the new
In addition, we have received permission by ARIN to include their TAL. If
you agree with the ARIN Relying Party Agreement, you can now instruct
Routinator to install all TALs without having to download anything.
Filtering of VRPs
To make up for all these breaking changes, we added filtering of VRPs in
output both via the
vrps command and in the HTTP output. Command line
options or HTTP query fields allow limiting the output to those VRPs that
cover a set of address prefixes or are related to a set of ASNs.
- Major cleanup of the command line and configuration file for server
mode. The command is now
rtrd). RTR and HTTP are
now equals. There are no more default listeners being created; you have to
specify them explicitly via command line options or config file. The option
--rtr for RTR listeners (previously just
--http for HTTP listeners (previously
--listen-http). The config
file fields are
http-listen, respectively. (#133)
rtrd) mode, the
-a option is gone and has
been replaced by a
-d option. In other words, the default is now to
stay attached to the terminal and only fork into the background if
is given. (#134)
- The TAL directory will no longer be automatically populated. Instead,
you can install the bundled TALs via the new
having received permission from ARIN, we are now also bundling the ARIN
TAL in Routinator and require specific agreement to ARIN’s Relying Party
Agreement via a command line option. (#135)
- The minimum supported Rust version is now 1.34.0. (#112)
- Four new monitoring gauges
serial that will allow alerting if
Routinator stops updating. (#122 and #131)
- Accept RTR listening socket from systemd. This allows listening on port
323 without special privileges. Enable via the new
option. (#127 and #130).
- Improved path
/status in HTTP output that provides the same
information as the
/metrics endpoint in slightly different format that
might make it easier to use in processing. (#131)
- Filtering for address prefixes and ASNs in VRP output via the
command or in HTTP output. (#137)
- The value of the listen-http config option wasn’t included in the
output of the config command. Now it is. (#109)
- The HTTP server would eventually hang Routinator in a tight loop if
connections were closed early by the peer. (#120)
- Only read files ending in
.tal in the TAL directory as is already
- Announce the correct content type in HTTP output with formats JSON and
- Update to rpki-rs 0.4 (#111)
This is yet another bug fix release. It primarily fixes a crash that happened under certain conditions when checking address prefixes in certificates. In addition, some configuration file options related to
rtrd mode were ignored. Finally, we now quietly ignore if the standard output is closed midway during output in
vrps mode, making Routinator behave better when piping output somewhere.
- The config file options specific to rtrd mode weren’t picked up.
(#102, reported by Jay Borkenhagen)
- Ignore ‘broken pipe’ errors when outputting VRPs to make Routinator play
nice with piping output into scripts etc. (#105)
- Fixes a crash when validating certain invalid resource sets on
certificates. (rpki-rs #30)
- There’s now a crude way to check if you have the minimum Rust version
required and stop building. (#104)
This is a bugfix release resolving two issues:
When we moved reading of the TALs to be done only at the start in the last
release, we accidentally made all error messages related to them invisible.
This resulted in Routinator quietly terminating if the TALs were broken.
Additionally, GitHub user matsm got stung by our RPSL output not being
quite correct. Now IPv6 prefixes are properly provided via a
statement and all lines have Unix-style endings.
- Print errors when reading the trust anchor locators to standard error
instead of logging them since logging isn’t set up yet at that point.
route6: fields in RPSL output for IPv6 prefixes. (#96, reported
- Use LF as line endings in RPSL output. Seems that’s what whois uses in
practice, too. (#97, reported by @matsm)
This release ties up some loose ends before some big improvements planned
for the next version. Most importantly, we added a timeout to rsync runs
after a hanging rsync got the entire Routinator RTR daemon stuck. Trust
anchor locators are now only read once when Routinator starts. While this
will make Routinator more robust against accidental file system changes, you
will now need to restart it if you changed the TALs on purpose.
We fixed a bug where a missing
tcp-listen option in the config file would
make Routinator crash in rtrd mode – it will now use the default listen
address 127.0.0.1:3323 as expected.
Finally, we added some more details to the Prometheus metrics introduced in
the last version. These are now given per trust anchor and include not only
the number of VRPs but also of ROAs.
- TAL files will only be read once when Routinator starts. This
improves robustness at the cost of having to restart Routinator when the
TALs change. (#74)
- New option --rsync-timeout setting the maximum number of seconds any
rsync command is allowed to run. This prevents hanging rsync from
blocking Routinator. (#76)
- Additional Prometheus metric valid_roas reporting the number of
verified ROAs. Additionally, both metrics are now reported separately
for each TAL. (#78)
- Compare RTR serial numbers according to RFC 1932. (#81)
This release implements
RFC 8360 which proposes an
alternative mode for dealing with overclaimed resources in
certificates. It promises to make it easier to deal with resources
being transferred away from a holder.
We have also added an HTTP service to rtrd mode. It is intended
primarily for monitoring (it already supports the metrics endpoint for
Prometheus), but it also allows you to fetch the list of VRPs via your
browser. We will add more extensive monitoring metrics in future
Finally, we fixed a bug where some serial numbers in RTR were all wrong.
- Several API and organizational changes in the Routinator library crate
for the various improvements below.
- New output format csvext that mimics the output format of the Original
RIPE NCC Validator. (#59)
- Support for alternative resource extensions and validation defined in
RFC 8360. (The accompanying changes made it quite a bit faster, too.)
- Support for cargo-deb-based Debian packaging. Thanks to David
- Log warnings for stale manifests and CRLs.
- Optional HTTP service in rtrd mode. This can be enabled via the
--listen-http command line option and the
This is only the beginning of more extensive monitoring support. (#68)
- Converts the endianness of the serial number in the SerialNotify RTR PDU.
Reported by Massimiliano Stucchi. (#60)
- Docker build updated to Rust 1.32 and Alpine Linux 3.9. Thanks to David
config command now prints the configuration in TOML format and
can be used to create a configuration file for the current
- Routinator now builds and runs on Windows. Given that Windows is a Rust
tier 1 platform, we wanted to see how difficult it is to get this
going. Note that you will need the
rsync executable that comes with
- Actually use
$HOME/.routinator.conf as the default config file as
promised by the documentation. (#49)
- Fix a compile time error on 32 bit systems.