Routinator 0.15.0 ‘This Ain’t No Disco’ released

We are pleased to announce the latest release of Routinator, version 0.15.0 ‘This Ain’t No Disco’

Routinator is an RPKI relying party software that collects and validates statements in the Resource Public Key Infrastructure (RPKI) about allowed route origins and makes them available to the BGP workflow.

Perhaps the most visible change in this release is that by default there will be significantly less information logged.

We’ve seen regular questions by users who aren’t intimately familiar with the inner workings of RPKI and got worried by messages about expired certificates etc., not realising that they are all normal and there is nothing they can or should do about it.

Starting with this version, Routinator will not log these messages any more but rather collect them and make them available in the status HTTP endpoints. We also structure them by repository or publication point, so it will be much easier to see what exactly went wrong, for instance, when fetching an RRDP repository.

If you don’t like this new behaviour and would rather see everything logged as previously, the new log-repository-issues command line and config file option will allow you to switch back.

In addition, we’ve done quite a few performance improvements. When Routinator is started in server mode, it now first does an “optimistic” intial run. It will only use stored data from previous runs and thus have a data set available within a few dozen seconds. In order to avoid accidentally creating an incorrect dataset, it will abort this initial run if data is requested that hasn’t been requested previously, e.g., because a TAL was added, and start a regular validation run.

We also changed the defaults for RRDP timeouts which allows Routinator to discover non-responsive RRDP servers much quicker. This roughly halved update durations in our tests.

As always, there are an number of additional improvements and fixes in this release. You can read all the details in the release notes

We would like to thank Zizhi Shang, Zhechao Lin, Jiahao Cao, Yangyang Wang, Mingwei Xu of the Institute for Network Sciences and Cyberspace (INSC), Tsinghua University as well as Niklas Vogel of Goethe University Frankfurt and ATHENE for reporting issues fixed in this release.

In case you are using our binary packages, with this version we added packages for recently released Debian 13 and RHEL. They will be available via our package repository.

Finally, we have added a threat model to the documentation, in which we describe the security assumptions Routinator's design is based on.