Nowadays, the Internet of Things (IoT) research domain attracts the researchers, due to its extensive collection of applications and ease in deploying in several domains of real life, particularly for environments that are considered critical such as E-health, smart homes, and smart cities. Things in smart cities are intractable via the Internet. These things are naturally deployed in a distributed environment wirelessly. They become vulnerable to the diverse security attacks that can adversely influence their proper functionalities at any time. The stated problem severity even becomes higher when they are deployed in smart cities. In addition, it is very likely to compromise data while transferring from one source to another until reaching the destination during data routing. Existing Routing Protocols for Low Power and Lossy Networks (RPL) are considered lightweight and secure routing protocols for IoT devices, which offer a slight safeguard against innumerable forms of RPL routing attacks. Based on the nature of the IoT network, being resource constraints, the conventional routing techniques do not suit them at all. The IoT routing security is therefore, a challenging task. This review aims to elaborate on the current research literature, opportunities and research gaps of secure RPL routing protocols. Where mainly considering the Rank and Version number attacks types for IoT applications. Further, the review extravagant the need for a new secure RPL protocol to address the security issues of IoT applications for smart cities particularly based on available literature.