Practical example of obtaining a false digital #certificate with a #BGP hijacking (several CAs tested). Nothing new or extraordinary, just a practical demonstration in the wild of a well-known attack.
▻https://www.princeton.edu/~pmittal/publications/bgp-tls-hotpets17
Among the possible workarounds: the CA should test from several vantage points.
The bug report at #LetsEncrypt: ▻https://community.letsencrypt.org/t/using-bgp-to-acquire-bogus-tls-certificates/38627
#X509