You are here: Home > Manage IPs and ASNs > RIPE Database > Database Support > RIPE Database Business Rules

RIPE Database Business Rules

The RIPE Database contains objects formatted according to the Routing Policy Specification Language (RPSL), which has a set of syntax rules you have to comply with when creating, updating or deleting objects. In additon, the RIPE NCC enforces certain business rules to ensure data integrity and registry accuracy. This document gives an overview of all current business rules.

Applies To Object Type

On Action

Business Rule

all

Create

An object cannot be created if it already exists. The creation will fail if another object of the same type and with the same primary key is already present in the RIPE Database.

all

Create
Update

Only the RIPE NCC is authorised to add or remove RIPE NCC maintainers.

all

Create
Update

On objects where the "language:" or "country:" attribute is used, the value must be a valid two-letter ISO 3166 code.

all

Create
Update

When creating or updating an object in the RIPE Database, all references to other objects must exist, such as mntnerperson and role objects. 

all

Create
Update

A warning is displayed if the object refers to a person or role object that does not have a maintainer.

all

Create
Update

A warning is displayed if the maintainer that is used for the object refers to a person or role object that does not have a maintainer.

all

Create
Update 

Comments are not allowed in the “source:” attribute.

all

Delete

An object can only be deleted if the submitted object matches exactly the current object in the RIPE Database.

all

Delete

If an object has a RIPE NCC maintainer as one of the maintainers, the object can only be deleted by RIPE NCC.

all

Delete

An object can only be deleted if it is no longer referenced. An exception to this rule is made for aut-num objects. They may be deleted even if references in “import:” and “export:” attributes exist.

When an aut-num object is deleted, a warning email is automatically sent to all maintainers of objects that still reference the associated AS Number.

all

Create
Update 

The "mnt-routes:" attribute refers to a maintainer, followed by an optional list of prefix ranges inside of curly braces, or the keyword "ANY". It is not allowed to have the "ANY" value on every "mnt-routes:" attribute in the object.

inetnum, inet6num

Update

On Provider Independent address space assignments, the End User maintainer cannot be removed.

inetnum, inet6num

Create

inet(6)num objects cannot overlap, meaning two objects that cover the same range and have the same status cannot exist. 

inetnum, inet6num

Update

On an inetnum object with the status "ALLOCATED PA", the RIPE NCC has specified a "mnt-lower:" attribute. It cannot be removed and another "mnt-lower:" attribute cannot be added. The same applies to an inet6num object with the status "ALLOCATED-BY-RIR".

inetnum, inet6num

Create Update

When submitting a route object that is authorised by a “mnt-routes:” attribute on a matching inet(6)num object, the prefix should be within the same range as the one in the submitted object.

inetnum, inet6num

Create Update

On inet(6)num objects for allocations or End User assignments made by the RIPE NCC, the "org:" attribute is mandatory. 

inetnum, inet6num

Create Update

When creating an inet(6)num object, the "status:" attribute must be set correctly in relation to surrounding objects. For example, the status "ASSIGNED PA" may only be used if the object is a child of an inetnum object with the status "ALLOCATED PA".

inet6num

Create
Update

When creating or updating an inet6num object for an assignment, all first-level children must have the same prefix size. In addition, the assignment size should not be larger than a /128 and not smaller than the prefix length of the parent object.

inetnum, inet6num, aut-num

Update

If the object has a RIPE NCC maintainer as one of the maintainers, only the RIPE NCC can change the value of the “org:” attribute.

inetnum, inet6num, aut-num

Create Update

Only the RIPE NCC can add, change or remove the “sponsoring-org:” attribute. It must reference an organisation of type “LIR".

organisation

Create Update

The “abuse-c:” attribute must reference a role object that has an "abuse-mailbox:" attribute. Once set, the attribute cannot be removed if the organisation is referenced by any object that has a RIPE NCC maintainer present.

organisation

Create Update

In an organisation object, only the value "OTHER" can be used for the "org-type:" attribute. Only the RIPE NCC can use other org-types, such as "LIR".

organisation

Update

If the organisation object has a RIPE NCC maintainer present, only the RIPE NCC can change the value of the "org-name:" attribute after an LIR submits a change request. In addition, LIRs canot change the  "e-mail:", "phone:", and "fax-no:" value; these must be changed in the LIR Portal.

role

Create Update

When creating a role object that has an “abuse-mailbox:” attribute specified, or adding this attribute to an existing role object, a warning is displayed that no rate limiting is applied to this attribute.

role 

Update Delete

The "abuse-mailbox:" attribute cannot be removed from a role object if it's referenced as an “abuse-c:” attribute in any organisation object.

role 

Create Update

The “admin-c:” and “tech-c:” of a role object cannot refer to itself.

domain 

Create

domain objects of the e164.arpa type need to be authenticated against one of the designated enum maintainers.

domain 

Create

The domain object that is submitted cannot have have an existing parent or child object for the reverse IP.

domain 

Create
Update

The server that is listed in the “nserver:” attribute must have a valid glue record, if required.

mntner

Create Update

Maintainer names cannot use reserved names.

key-cert

Update

It is not allowed to use "AUTO-1" for the primary key value of a key-cert object. A unique value must be explicitly set.

poem

Create Update

A poem object must be maintained by LIM-MNT only.

route, route6

Create Update

When using the "holes:" and “pingable:" attributes, the specified IP must lie within the prefix of the route.

peering-set

Create Update

A peering-set object must include either a “peering:” or an “mp-peering:” attribute. One of these must exist, but both attributes cannot be present at the same time.

filter-set

Create Update

A filter-set object must include either a “filter:” or an “mp-filter:” attribute. One of these must exist, but both attributes cannot be present at the same time.

as-set, filter-set, peering-set

Create

When creating an as-set, filter-set or peering-set object, a parent object must be present in the RIPE Database and it is required to authenticate against its maintainer.

as-set, route-set, rtr-set

Delete

An as-set, route-set or rtr-set cannot be deleted if the “member-of:” attribute is referenced.

aut-num, route, route6, inet-rtr

Create
Update

If the aut-num, route(6) or inet-rtr object is part of an as-set, route-set or rtr-set object that has a "mbrs-by-ref:" attribute set, the maintainers on the objects need to match.

as-block

Create
Update

Only the RIPE NCC is authorised to create and update as-block objects.