PeerGlass

Monitor a prefix or ASN for registration and BGP routing changes between calls.

How it works:

• First call: captures a baseline snapshot of RDAP + BGP state. Stores it in memory for the server's lifetime.

• Subsequent calls: fetches the current state and diffs it against the baseline. Reports exactly which fields changed and from what to what.

• When changes are detected: automatically updates the baseline so the next call diffs from the new state (not the original).

• reset_baseline=True: discards any stored baseline and captures fresh.

Tracked fields (8 total): RDAP: Holder, RIR, Country, Allocation Status, Abuse Email BGP: Announced (bool), Origin ASN(s), Visibility %

Severity of changes: 🔴 BGP Origin ASN changed → possible hijack, verify with rir_check_rpki 🔴 RDAP Holder changed → possible transfer, check rir_detect_transfers 🟡 BGP Announced changed → prefix appeared/disappeared from routing 🟡 Country changed → registration country updated 🟢 Visibility % changed → normal BGP fluctuation

Baseline persists in server memory — not in a database. If the server restarts, baselines are lost and will be recreated on next call.

Args: params (ChangeMonitorInput): - resource (str): IP prefix (e.g. '8.8.8.0/24') or ASN (e.g. 'AS15169') - reset_baseline (bool): If True, discard baseline and start fresh

Returns: str: Baseline created confirmation (first call), or diff table (subsequent calls). JSON schema: { "resource": str, "status": str, (baseline_created|changes_detected|no_changes) "baseline_captured_at": str, "checked_at": str, "changes": [{"field": str, "old_value": str, "new_value": str}], "current_holder": str, "current_rir": str, "message": str }