RIPE Database Business Rules
|
Applies To Object Type |
On Action |
Business Rule |
|
all |
Create |
An object cannot be created if it already exists. The creation will fail if another object of the same type and with the same primary key is already present in the RIPE Database. |
|
all |
Create |
Only the RIPE NCC is authorised to add or remove RIPE NCC maintainers. |
|
all |
Create |
On objects where the "language:" or "country:" attribute is used, the value must be a valid two-letter ISO 3166 code. |
|
all |
Create |
When creating or updating an object in the RIPE Database, all references to other objects must exist, such as mntner, person and role objects. |
|
all |
Create |
A warning is displayed if the object refers to a person or role object that does not have a maintainer. |
|
all |
Create |
A warning is displayed if the maintainer that is used for the object refers to a person or role object that does not have a maintainer. |
|
all |
Create |
Comments are not allowed in the “source:” attribute. |
|
all |
Delete |
An object can only be deleted if the submitted object matches exactly the current object in the RIPE Database. |
|
all |
Delete |
If an object has a RIPE NCC maintainer as one of the maintainers, the object can only be deleted by RIPE NCC. |
|
all |
Delete |
An object can only be deleted if it is no longer referenced. An exception to this rule is made for aut-num objects. They may be deleted even if references in “import:” and “export:” attributes exist. When an aut-num object is deleted, a warning email is automatically sent to all maintainers of objects that still reference the associated AS Number. |
|
all |
Create |
The "mnt-routes:" attribute refers to a maintainer, followed by an optional list of prefix ranges inside of curly braces, or the keyword "ANY". It is not allowed to have the "ANY" value on every "mnt-routes:" attribute in the object. |
|
inetnum, inet6num |
Update |
On Provider Independent address space assignments, the End User maintainer cannot be removed. |
|
inetnum, inet6num |
Create |
inet(6)num objects cannot overlap, meaning two objects that cover the same range and have the same status cannot exist. |
|
inetnum, inet6num |
Update |
On an inetnum object with the status "ALLOCATED PA", the RIPE NCC has specified a "mnt-lower:" attribute. It cannot be removed and another "mnt-lower:" attribute cannot be added. The same applies to an inet6num object with the status "ALLOCATED-BY-RIR". |
|
inetnum, inet6num |
Create Update |
When submitting a route object that is authorised by a “mnt-routes:” attribute on a matching inet(6)num object, the prefix should be within the same range as the one in the submitted object. |
|
inetnum, inet6num |
Create Update |
On inet(6)num objects for allocations or End User assignments made by the RIPE NCC, the "org:" attribute is mandatory. |
|
inetnum, inet6num |
Create Update |
When creating an inet(6)num object, the "status:" attribute must be set correctly in relation to surrounding objects. For example, the status "ASSIGNED PA" may only be used if the object is a child of an inetnum object with the status "ALLOCATED PA". |
|
inet6num |
Create |
When creating or updating an inet6num object for an assignment, all first-level children must have the same prefix size. In addition, the assignment size should not be larger than a /128 and not smaller than the prefix length of the parent object. |
|
inetnum, inet6num, aut-num |
Update |
If the object has a RIPE NCC maintainer as one of the maintainers, only the RIPE NCC can change the value of the “org:” attribute. |
|
inetnum, inet6num, aut-num |
Create Update |
Only the RIPE NCC can add, change or remove the “sponsoring-org:” attribute. It must reference an organisation of type “LIR". |
|
organisation |
Create Update |
The “abuse-c:” attribute must reference a role object that has an "abuse-mailbox:" attribute. Once set, the attribute cannot be removed if the organisation is referenced by any object that has a RIPE NCC maintainer present. |
|
organisation |
Create Update |
In an organisation object, only the value "OTHER" can be used for the "org-type:" attribute. Only the RIPE NCC can use other org-types, such as "LIR". |
|
organisation |
Update |
If the organisation object has a RIPE NCC maintainer present, only the RIPE NCC can change the value of the "org-name:" attribute after an LIR submits a change request. In addition, LIRs canot change the "e-mail:", "phone:", and "fax-no:" value; these must be changed in the LIR Portal. |
|
role |
Create Update |
When creating a role object that has an “abuse-mailbox:” attribute specified, or adding this attribute to an existing role object, a warning is displayed that no rate limiting is applied to this attribute. |
|
role |
Update Delete |
The "abuse-mailbox:" attribute cannot be removed from a role object if it's referenced as an “abuse-c:” attribute in any organisation object. |
|
role |
Create Update |
The “admin-c:” and “tech-c:” of a role object cannot refer to itself. |
|
domain |
Create |
domain objects of the e164.arpa type need to be authenticated against one of the designated enum maintainers. |
|
domain |
Create |
The domain object that is submitted cannot have have an existing parent or child object for the reverse IP. |
|
domain |
Create |
The server that is listed in the “nserver:” attribute must have a valid glue record, if required. |
|
mntner |
Create Update |
Maintainer names cannot use reserved names. |
|
key-cert |
Update |
It is not allowed to use "AUTO-1" for the primary key value of a key-cert object. A unique value must be explicitly set. |
|
poem |
Create Update |
A poem object must be maintained by LIM-MNT only. |
|
route, route6 |
Create Update |
When using the "holes:" and “pingable:" attributes, the specified IP must lie within the prefix of the route. |
|
peering-set |
Create Update |
A peering-set object must include either a “peering:” or an “mp-peering:” attribute. One of these must exist, but both attributes cannot be present at the same time. |
|
filter-set |
Create Update |
A filter-set object must include either a “filter:” or an “mp-filter:” attribute. One of these must exist, but both attributes cannot be present at the same time. |
|
as-set, filter-set, peering-set |
Create |
When creating an as-set, filter-set or peering-set object, a parent object must be present in the RIPE Database and it is required to authenticate against its maintainer. |
|
as-set, route-set, rtr-set |
Delete |
An as-set, route-set or rtr-set cannot be deleted if the “member-of:” attribute is referenced. |
|
aut-num, route, route6, inet-rtr |
Create |
If the aut-num, route(6) or inet-rtr object is part of an as-set, route-set or rtr-set object that has a "mbrs-by-ref:" attribute set, the maintainers on the objects need to match. |
|
as-block |
Create |
Only the RIPE NCC is authorised to create and update as-block objects. |