Is Reliance Really BGP-Hijacking Telegram? What the Routing Data Actually Shows

Short answer: As of June 16, 2026, no independent routing monitor (Cloudflare Radar, Qrator.Radar, RIPE RIS, bgp.tools, or Kentik) and no network-operator community (NANOG, RIPE Labs, APNIC) has found any evidence that Reliance (AS18101) is BGP-hijacking Telegram. The live global routing table shows AS18101 announcing only its own Reliance Communications address space, with zero overlap of Telegram's network. Pavel Durov's allegation also names the wrong company and rests on an ownership link that doesn't exist.

What happened

On Tuesday, June 16, 2026, India ordered a temporary nationwide block of Telegram. The trigger was exam fraud: cheating networks were using Telegram channels to sell fake and allegedly leaked papers for the NEET-UG re-examination, India's national medical-school entrance test.

Hours later, Telegram founder Pavel Durov made two separate claims:

1. On X, he argued the ban punishes ordinary users rather than the insiders who leaked the exam material, and said the leaks had simply moved to other apps.

2. In a Telegram channel post, he made a far bigger allegation. He said an Indian telecom called "Reliance" (AS18101) was BGP-hijacking Telegram and cutting off access for users outside India, including in the UAE. He called it intentional, suggested it was tied to Meta and WhatsApp, and urged network operators to reject Reliance's route announcements.

The second claim is the explosive one. It accuses a named company of an aggressive, illegal act of internet sabotage on behalf of a competitor. So it deserves a careful technical look, and that look does not support the claim.

What is BGP hijacking, in plain English?

The internet is a network of networks. Each one (your ISP, a cloud provider, a messaging app's backend) is an Autonomous System (AS) with a unique number, like AS18101 for Reliance Communications or AS62041 for Telegram.

These networks find each other using the Border Gateway Protocol (BGP). Think of BGP as the internet's postal-routing system: each network announces, "I own these address ranges, send traffic for them to me." Neighbors trust that announcement and pass it along.

The problem is that classic BGP has no built-in way to verify those claims. It runs on trust. So if a network announces address space it doesn't actually own, traffic can be misrouted to it. That's a BGP hijack.

There are a few flavors:

• Origin hijack: announcing a block of IP addresses you don't own.

• More-specific hijack: announcing a narrower slice of someone's address range. Routers always prefer the most specific match, so this can override the real route everywhere it spreads.

• Route leak: improperly re-announcing routes you legitimately learned, often by accident, which can cascade the same way.

When a hijack or leak propagates across transit providers, the effects can go global in minutes. That's exactly what Durov is implying happened to Telegram. The question is whether it actually did.

The routing evidence: no hijack found

This is the heart of the matter. A real, globally propagating BGP hijack leaves fingerprints in public route collectors, and anyone can check.

As of June 16, 2026:

• AS18101 is announcing only its own address space. The Reliance Communications blocks it originates (ranges such as 115.248.0.0/16 and 124.124.0.0/16) are its own, mostly RPKI-valid prefixes. There is no Telegram address space in what it announces.

• No monitor has flagged a hijack. Targeted checks across Cloudflare Radar, Qrator.Radar, bgp.tools, bgp.he.net, RIPEstat / RIPE RIS, and Kentik turned up zero reports of an AS18101-to-Telegram hijack in June 2026. The operator forums where these incidents normally get dissected (NANOG, RIPE Labs, the APNIC blog, Hacker News) are silent on it too.

• The only documented Telegram BGP incidents are old and unrelated: Iran originating Telegram prefixes in 2018, and Iraq blackholing Telegram's main range in 2023. Neither involved Reliance.

A genuine hijack reaching users in the UAE would require Reliance's bogus route to spread internationally and be accepted by transit networks worldwide. No public collector has observed that.

What would change this verdict? If Cloudflare Radar, RIPE RIS, or bgp.tools later showed AS18101 (or any network behind it) announcing a Telegram prefix like 149.154.160.0/22, with timestamps and collector data, the allegation would be substantiated. Until then, it stands as an unverified claim from a single, interested source.

Why a global hijack of Telegram is technically hard today

Even if a network tried to forge Telegram's main address block, modern routing security would catch most of it.

Telegram's core prefix, 149.154.160.0/22, is RPKI-valid. RPKI (Resource Public Key Infrastructure) lets address owners publish a signed record called a Route Origin Authorization (ROA), which says, "Only this network is allowed to announce this range." Networks that check these records (a process called Route Origin Validation, or ROV) will mark a forged announcement as Invalid and drop it.

So if Reliance announced Telegram's space with itself as the origin, every ROV-enforcing network would reject it automatically. That's a large and growing share of the internet, since ROA coverage passed roughly half of all prefixes around 2024.

There's an irony worth noting. Durov's own proposed fix, telling operators to "reject Reliance's unauthorized announcements," is essentially a description of deploying RPKI and prefix filtering, which well-run networks already do.

The company mix-up at the center of the claim

Durov's allegation has a second, more basic problem: it appears to name the wrong company and assign a motive that doesn't hold up.

"Reliance" is a shared brand, not a single company. The original Reliance group split between the Ambani brothers in 2005, and the two halves are entirely separate businesses today. It's worth laying the two networks side by side.

AS18101, the one Durov named, is Reliance Communications (RCom). It is controlled by Anil Ambani, has been in insolvency since 2019, is effectively defunct as an operating telecom, and has no Meta ownership.

AS55836, the network most Indian users actually sit behind, is Reliance Jio. It is controlled by Mukesh Ambani's Reliance Industries, runs a 100+ Tbps consumer ISP serving hundreds of millions of users, and is the entity Meta holds an indirect stake in (via Jio Platforms).

AS18101 belongs to Reliance Communications, Anil Ambani's bankrupt telecom. It entered India's insolvency process in 2019, and on June 11, 2026, an Indian tribunal admitted a personal-insolvency petition against Anil Ambani himself as guarantor. This is not a thriving competitor running a sophisticated sabotage campaign. It's a company in the late stages of collapse.

India's dominant ISP, the network most users actually sit behind, is Reliance Jio (AS55836), a completely different entity.

The Meta motive doesn't survive a fact-check

Durov suggested the disruption might be a competitive war, because "Reliance is partially owned by Meta, the company behind WhatsApp." Untangling the companies dissolves that motive entirely.

Every Meta-to-Reliance tie runs to Jio / Reliance Industries (Mukesh Ambani), never to RCom:

• In April 2020, Facebook invested $5.7 billion for a 9.99% stake in Jio Platforms, its largest minority tech investment globally.

• In August 2025, Meta and Reliance Industries announced an AI joint venture, split 70% Reliance / 30% Meta.

So "Reliance is partially owned by Meta" is true of Jio Platforms and false of AS18101 / Reliance Communications, the entity Durov actually pointed at. Meta has no ownership interest in the bankrupt company named in the allegation. The competitive-war theory collapses once the two Reliances are separated.

The more likely explanation: ordinary ISP blocking

If it isn't a BGP hijack, what are users experiencing?

The symptoms fit the far more common (and far more boring) mechanism behind India's order: in-network blocking inside an ISP. That includes deep-packet-inspection (DPI) filtering, DNS-level blocking, or internally null-routing the traffic ("blackholing"). India's block was issued under Section 69A of the IT Act, 2000, the legal basis for exactly this kind of access restriction.

The key distinction is that this kind of blocking is local by design. It affects users on that network, in that country. It does not reach across borders to the UAE, unless a route accidentally leaks into global BGP, which is the rare failure mode discussed below. No monitor has observed such a leak from AS18101.

You can verify any of this yourself. Look up AS18101 and the prefix 149.154.160.0/22 on Cloudflare Radar, bgp.tools, or RIPEstat and check what each is actually announcing.

How a domestic block can go global: the cautionary cases

Durov's scenario isn't impossible in principle. There's a famous case where a national block bled out worldwide, plus others that show how routing mistakes cascade. These are useful for understanding the mechanism, not evidence that anything happened to Telegram here.

Pakistan vs. YouTube (2008), the closest parallel. Ordered to block YouTube domestically, Pakistan Telecom announced a more-specific slice of YouTube's address space as a local blackhole. Its upstream provider failed to filter it, and the route escaped globally. For about two hours, the world routed YouTube traffic toward Pakistan, taking the site down worldwide. This is the textbook example of a domestic block leaking out through inter-domain routing, the exact mechanism Durov implies, but with no evidence in the Reliance case.

MyEtherWallet (2018), a criminal hijack for theft. Attackers hijacked Amazon's DNS routes to redirect a crypto wallet's users to a fake site, stealing roughly $152,000 in Ether. RPKI-aware transit networks didn't propagate the bad routes.

Cloudflare's 1.1.1.1 (2024), a hijack plus a leak. A combination of a forged route and a leak briefly made Cloudflare's DNS resolver unreachable from over 300 networks across 70 countries. RPKI limited the damage but didn't fully prevent it, because not every network rejects oversized, more-specific routes.

The lesson across all three: hijacks and leaks are real and can be serious. But they show up in public data, get analyzed within hours by the operator community, and for an RPKI-protected target like Telegram's main prefix, they face strong technical headwinds. None of those fingerprints are present here.

Telegram's blocking history, for context

It's worth separating Durov's claim from the long, real history of Telegram being blocked, which has always been in-country blocking, not a competitor's BGP hijack.

Russia blocked Telegram from 2018 to 2020 after it refused to hand encryption keys to the security services, an effort that blocked millions of IPs and caused heavy collateral damage before being abandoned. Russia renewed throttling and blocking in early 2026. These were government-driven measures using DPI, IP blocking, and app-store delisting, not a rival telecom forging Telegram's routes.

That distinction is precisely what makes the Reliance allegation extraordinary. A government ordering an ISP to block an app is routine and well-documented. A bankrupt competitor secretly hijacking a messaging app's global routing on behalf of Meta would be a major, verifiable event, and the public routing data simply doesn't show it.

Frequently asked questions

Is Reliance BGP-hijacking Telegram? There is no public evidence that it is. As of June 16, 2026, no independent routing monitor or operator forum has corroborated the claim, and AS18101's routing table contains only its own Reliance Communications address space, with no Telegram prefixes.

Why is Telegram blocked in India? India ordered a temporary nationwide block under Section 69A of the IT Act after cheating networks used Telegram channels to sell fake and allegedly leaked papers for the NEET-UG medical entrance re-exam. The block is scheduled to be temporary.

Did Durov name the wrong company? The allegation points to AS18101, which belongs to Reliance Communications (Anil Ambani's bankrupt telecom). India's dominant ISP is Reliance Jio (AS55836, Mukesh Ambani), a separate company. They share only the "Reliance" brand.

Does Meta own Reliance? Meta owns a ~9.99% stake in Jio Platforms (part of Mukesh Ambani's Reliance Industries), not in Reliance Communications / AS18101. The "Meta-owned Reliance" motive applies to the wrong entity.

Could a domestic block in India affect users in the UAE? Normally no. ISP-level blocking is local. It would only spread internationally if a route leaked into global BGP, a rare failure mode that no monitor has observed in this case.

How can I check the routing data myself? Look up AS18101 and the prefix 149.154.160.0/22 on Cloudflare Radar, bgp.tools, or RIPEstat to see exactly what each network is announcing.

The bottom line

Pavel Durov is right that platform-wide bans are a blunt response to exam fraud. But his far bigger claim, that Reliance is BGP-hijacking Telegram for a Meta-backed competitive war, does not hold up on the public evidence available today. The routing data shows no hijack, the named company is bankrupt and shares no Meta ownership, and the symptoms match ordinary ISP-level blocking far better than a global routing attack.

In routing disputes, the table doesn't lie. Anyone can pull up AS18101 and Telegram's prefixes and check. So far, the table tells a very different story than the allegation does.