I want to install rpki validator as a validation software on a debian 11 VM.
I have installed rpki validator from this site How to Install an RPKI Validator | RIPE Labs. The installation went well but I can’t execute this command: curl -H “Accept: text/csv” localhost:8080/api/export.csv, it gives me curl: (7) Failed to connect to localhost port 8080: Connection refused.
Is it from my VM or from the installation of rpki-validator which was badly done?
Thank you in advance
Thanks for your question. These validators can be tricky to run, especially back in 2019 when the article was published.
The article describes the installation of four different RPKI validators. What validator did you install?
The URL/port/API they have to download the validated object content differs for each validator.
If you installed the RIPE NCC RPKI validator, I recommend picking a different one. The RIPE NCC RPKI validator was deprecated; there are better alternatives available.
I have installed the RIPE NCC RPKI Validator.
Is the routinator more recent?
routinator is easy to install and is well maintained.
The RIPE validator has been deprecated. routinator, fort, octorpki, and rpki-client are being maintained.
Thank you for your information.
I have chosen the routinator software to make my RPKI server.
But I have a question. I’m not sure if I should use TLS or SSH to set up my RTR server.
The choice of transport depends on what is supported and how much you trust the network between the router and RTR server. As far as I know the most commonly used methods are plaintext or SSH.
Of course it is important to think about the risks when using plaintext. If you trust the network, this limits the risk of using plaintext. On a less, or non-trusted network (worst, very unlikely case: public wifi) I would really want authentication/security.
The “Connection refused” error when attempting to access localhost on port 8080 typically suggests that the RPKI Validator service isn’t running or isn’t configured to listen on that port.
To troubleshoot, check the service’s status using systemctl status rpki-validator and start it if it’s not running. Also, inspect the configuration file to confirm that it specifies port 8080. Additionally, ensure that there are no firewall rules or other network-level issues blocking access to the specified port.
If the issue persists, consider reviewing the installation steps and logs for any errors during the RPKI Validator installation on your Debian 11 VM.