nitefood / asn

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server

License: MIT License

Shell 99.58% Dockerfile 0.42%
asn asn-lookup autonomous-systems ip-lookup team-cymru as-path mtr traceroute osint incident-response

asn's People

Contributors

33fraise33, agru, aorith, arthur4ires, filippovitale, nitefood, odaydebian, robert-scheck, worty

asn's Issues

AS 45609 - parse error: Invalid numeric literal at line 1, column 7

This ASN has a large number of prefixes and I'm trying to get a list of just the IPv6's.
When I add an IP Reputation token, it's still running for over 30 mins on a 50 Mbit FTTH uplink.

$ asn 45609

────────────────────────────────────────────────────────────
			WARNING 

No IPQualityScore token found, so disabling in-depth threat 
analysis and IP reputation lookups. Please visit 
https://github.com/nitefood/asn#ip-reputation-api-token 
for instructions on how to enable it. 
────────────────────────────────────────────────────────────

╭──────────────────────╮
│ ASN lookup for 45609 │
╰──────────────────────╯

 AS Number     ──> 45609
 AS Name       ──> BHARTI-MOBILITY-AS-AP Bharti Airtel Ltd. AS for GPRS Service, IN
 Organization  ──> Bharti Airtel Limited
 AS Reg. date  ──> 2017-08-10 02:29:43
 Peering @IXPs ──>  NONE 


╭─────────────────────────────────────────────────────────────────────────────────────────────────╮
│ BGP informations for AS45609 (BHARTI-MOBILITY-AS-AP Bharti Airtel Ltd. AS for GPRS Service, IN) │
╰─────────────────────────────────────────────────────────────────────────────────────────────────╯

Retrieving BGP data for AS45609 (BHARTI-MOBILITY-AS-AP Bharti Airtel Ltd. AS for GPRS Service, IN) (press CTRL-C to cancel)...parse error: Invalid numeric literal at line 1, column 7
parse error: Invalid numeric literal at line 1, column 7
parse error: Invalid numeric literal at line 1, column 7
Retrieving prefix allocations and announcements for AS45609 (BHARTI-MOBILITY-AS-AP Bharti Airtel Ltd. AS for GPRS Service, IN) (press CTRL-C to cancel)...^CInterrupted by signal 2...

CSV format

Is it possible to get output as CSV/XLS?

IPv4 address retrieval for a specific AS does not work anymore

Launching ./asn 15169:

...

╭───────────────────────────────────────────╮
│ BGP informations for AS15169 (GOOGLE, US) │
╰───────────────────────────────────────────╯

Retrieving information for IPv4 prefix 0/805 (press CTRL-C to cancel)...host: '....origin.asn.cymru.com' is not a legal name (empty label)
Retrieving information for IPv4 prefix 1/805 (press CTRL-C to cancel)...host: '....origin.asn.cymru.com' is not a legal name (empty label)
Retrieving information for IPv4 prefix 2/805 (press CTRL-C to cancel)...host: '....origin.asn.cymru.com' is not a legal name (empty label)
Retrieving information for IPv4 prefix 3/805 (press CTRL-C to cancel)...host: '....origin.asn.cymru.com' is not a legal name (empty label)
Retrieving information for IPv4 prefix 4/805 (press CTRL-C to cancel)...host: '....origin.asn.cymru.com' is not a legal name (empty label)
Retrieving information for IPv4 prefix 5/805 (press CTRL-C to cancel)...host: '....origin.asn.cymru.com' is not a legal name (empty label)
Retrieving information for IPv4 prefix 6/805 (press CTRL-C to cancel)...host: '....origin.asn.cymru.com' is not a legal name (empty label)
Retrieving information for IPv4 prefix 7/805 (press CTRL-C to cancel)...host: '....origin.asn.cymru.com' is not a legal name (empty label)
...

Final print:

...
───── IPv4 ─────

NONE

───── IPv6 ─────

2001:4860::/32
2404:6800::/32
2404:f340::/32
2606:73c0::/32
2607:f8b0::/32
2620:120:e000::/40
2800:3f0::/32
2a00:1450::/29
2a00:79e0::/31
2c0f:fb50::/32


Some flags aren't being pulled in from cdnjs

This ASN lookup string broke the pulling of a flag.

LINODE-AP Linode, LLC, US

I'm guessing the code grabs the second field in a comma separated list, as it attempted to grab llc.svg

We should probably grab the last item in the list.

I'll take a closer look when I have some time.

Hangs at `Analyzing collected trace output to …`

Today, asn hung at analyzing collected trace output.

$ git log --oneline --no-decorate -1
23b2d39 Minor tweaks
────────────────────────────────────────────────────────────
			WARNING 

No IPQualityScore token found, so disabling in-depth threat 
analysis and IP reputation lookups. Please visit 
https://github.com/nitefood/asn#ip-reputation-api-token 
for instructions on how to enable it. 
────────────────────────────────────────────────────────────

╭─────────────────────────────────╮
│ ASN lookup for www.tu-berlin.de │
╰─────────────────────────────────╯

- Resolving "www.tu-berlin.de"... 1 IP address found:

                                                                                                                                                      
 130.149.7.201 ┌PTR www.tu-berlin.de
               ├ASN 680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE)
               ├ORG DFN
               ├NET 130.149.0.0/16 (TUB)
               ├ABU [email protected]
               ├ROA ✓ UNKNOWN (no ROAs found)
               ├GEO Berlin, Berlin (DE)
               └REP ✓ NONE


╭───────────────────────────╮
│ Trace to www.tu-berlin.de │
╰───────────────────────────╯

 Hop IP Address                                                                               Loss%      Ping avg     AS Information                  
  1. 10.31.96.1                                                                                  0%        2.7 ms    BOGON  rfc1918 (Private Space)   
  2. 10.31.251.254                                                                               0%        2.5 ms    BOGON  rfc1918 (Private Space)   
  3. 141.42.5.254                                                                                0%        2.7 ms   [AS680] DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE
  4. rouxwin-tg-3.charite.de (193.175.73.2)                                                      0%       15.2 ms   [AS680] DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE
  5. roubrain-tg-3.charite.de (193.175.73.3)                                                     0%        3.4 ms   [AS680] DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE
Analyzing collected trace output to 130.149.7.201 (press CTRL-C to cancel)...^C                                                                       
Interrupted

I had to cancel it with Ctrl + c.

$ mtr -s 10 -r -c 10 www.tu-berlin.de
Start: 2022-03-29T09:29:06+0200
HOST: ersatz                      Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- _gateway                   0.0%    10   62.4   8.3   1.8  62.4  19.0
  2.|-- 10.31.251.254              0.0%    10    2.0   2.0   1.8   3.2   0.4
  3.|-- 141.42.5.254               0.0%    10    2.6   2.5   2.1   3.5   0.4
  4.|-- rouxwin-tg-3.charite.de    0.0%    10    2.6   3.0   2.6   3.5   0.3
  5.|-- roubrain-tg-3.charite.de   0.0%    10    3.3   3.1   2.6   3.6   0.3
  6.|-- 192.86.163.97              0.0%    10    3.2   3.1   2.5   3.5   0.3
  7.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  8.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  9.|-- 130.149.126.189            0.0%    10    3.5   3.7   3.0   6.2   0.9
 10.|-- e-ns-e-n.gate.tu-berlin.d  0.0%    10    4.1   7.2   3.5  33.2   9.2
 11.|-- www.tu-berlin.de           0.0%    10    2.8   3.3   2.8   3.9   0.3
$ traceroute www.tu-berlin.de
traceroute to www.tu-berlin.de (130.149.7.201), 30 hops max, 60 byte packets
 1  _gateway (10.31.96.1)  1.886 ms  2.162 ms  2.556 ms
 2  10.31.251.254 (10.31.251.254)  2.802 ms  3.195 ms  3.180 ms
 3  rouxwin-tg-3.charite.de (193.175.73.2)  5.365 ms  4.705 ms  4.262 ms
 4  roubrain-tg-3.charite.de (193.175.73.3)  5.319 ms  5.305 ms  4.924 ms
 5  192.86.163.97 (192.86.163.97)  5.276 ms  5.669 ms  5.655 ms
 6  * * *
 7  * * *
 8  130.149.126.189 (130.149.126.189)  5.170 ms  5.466 ms  6.123 ms
 9  e-ns-e-n.gate.tu-berlin.de (130.149.126.78)  6.109 ms  6.094 ms  6.080 ms
10  www.tu-berlin.de (130.149.7.201)  6.395 ms  7.051 ms  6.366 ms

Disable Color Output

Please give us an option to disable color output and to get output as JSON. Nobody wants those pesky colors in their terminal, those are for kiddos ;)

Thanks for the awesome tool!

Installed ipcalc not detected

$ git log --oneline --no-decorate -1
741a5d5 reduced default shodan scanning threads - threads reduced from 20 to 10, Shodan introduced stricter rate limits (and longer cooldown timers)
$ dpkg -l ipcalc
Gewünscht=Unbekannt/Installieren/R=Entfernen/P=Vollständig Löschen/Halten
| Status=Nicht/Installiert/Config/U=Entpackt/halb konFiguriert/
         Halb installiert/Trigger erWartet/Trigger anhängig
|/ Fehler?=(kein)/R=Neuinstallation notwendig (Status, Fehler: GROSS=schlecht)
||/ Name           Version      Architektur  Beschreibung
+++-==============-============-============-=======================================
ii  ipcalc         0.42-2       all          parameter calculator for IPv4 addresses

$ ipcalc --version
0.5
$ ./asn github.com

╭─────────────╮
│ ! WARNING ! │
╰─────────────╯

The following tools were not found on this system:  
 - ipcalc

The following features will be disabled: 
 - CIDR deaggregation (due to incompatible ipcalc version - v0.41+ for Debian-based or v1.0.0+ for RHEL-based required, but you have v0.5)

Please install the necessary prerequisite packages
for your system by following these instructions: 

>> https://github.com/nitefood/asn#prerequisite-packages <<

Press ENTER to continue...
Interrupted

Bulk geolocation incorrect results

Bulk geolocation feature may need some more testing.

It defaults every IP to : Ranong, Ranong, TH (Thailand) here:

$ echo "169.150.243.18 143.244.33.95 143.244.33.79 143.244.33.78 143.244.33.56 169.150.243.20 169.150.243.17" | asn -g

────────────────────────────────────────────────────────────
			WARNING 

No IPQualityScore token found, so disabling in-depth threat 
analysis and IP reputation lookups. Please visit 
https://github.com/nitefood/asn#ip-reputation-api-token 
for instructions on how to enable it. 
────────────────────────────────────────────────────────────

╭─────────────────────────────────────────╮
│ Geolocation lookup for multiple targets │
╰─────────────────────────────────────────╯
143.244.33.56   : Ranong, Ranong, TH (Thailand)                                                                                                                                                                                         
143.244.33.78   : Ranong, Ranong, TH (Thailand) 
143.244.33.79   : Ranong, Ranong, TH (Thailand) 
143.244.33.95   : Ranong, Ranong, TH (Thailand) 
169.150.243.17  : Ranong, Ranong, TH (Thailand) 
169.150.243.18  : Ranong, Ranong, TH (Thailand) 
169.150.243.20  : Ranong, Ranong, TH (Thailand) 

Adding an IPQuality API improves it a bit, but it still mentions Ranong:

$ echo "169.150.243.18 143.244.33.95 143.244.33.79 143.244.33.78 143.244.33.56 169.150.243.20 169.150.243.17" | asn -g

╭─────────────────────────────────────────╮
│ Geolocation lookup for multiple targets │
╰─────────────────────────────────────────╯
143.244.33.56   : Singapore, Central Singapore, SG (Singapore)                                                                                                                                                                          
143.244.33.78   : Ranong, Ranong, TH (Thailand) 
143.244.33.79   : Singapore, Central Singapore, SG (Singapore) 
143.244.33.95   : Singapore, Central Singapore, SG (Singapore) 
169.150.243.17  : Singapore, Central Singapore, SG (Singapore) 
169.150.243.18  : Singapore, Central Singapore, SG (Singapore) 
169.150.243.20  : Singapore, Central Singapore, SG (Singapore) 

Similar issue trying with a known list from the UK:

$ echo "84.17.50.99 185.59.221.179 84.17.50.98 89.187.88.237" | asn -g

╭─────────────────────────────────────────╮
│ Geolocation lookup for multiple targets │
╰─────────────────────────────────────────╯
185.59.221.179  : Ranong, Ranong, TH (Thailand)                                                                                                                                                                                         
84.17.50.98     : Ranong, Ranong, TH (Thailand) 
84.17.50.99     : Ranong, Ranong, TH (Thailand) 
89.187.88.237   : London, England, GB (United Kingdom) 

[Feature Request] IPInfo.io for core IP based operation

I work for IPinfo and I appreciate the project featuring IPinfo. I saw that in a ticket you mentioned that you favored no-key access to API. IPinfo does provide no-key access to the API service and a generous limit for that as well. Over your current setup, we have the following to offer:

  • HTTPS/SSL encryption
  • More accurate geolocation data backed by our probe network
  • 1,000 requests per day without a token

Users can also sign up for a free account and get a limit of 50,000 requests per month. If you are looking to add more functionality, you can also check out our free IP to ASN database. Please let me know what you think. Thanks!

Add option to search by (company) name

One option I'm missing is to get results by providing the (company) name. Sometimes you don't even know the full name so you would provide a substring and get all results which contain the substring.

This option is e.g. available here: https://bgpview.io

btw. Thanks for the great tool :)

Cannot iterate over null

When you use it with the -g parameter, it prints the following error, do you know the reason?

jq: error (at :1): Cannot iterate over null (null)

Feature Request: Multi source lookups

I've been using this a bit and I really like it in server mode. Excellent as a looking glass. Nice crisp, colourful output.
And I've discovered aha, which is now my new favourite toy.

I can't help wondering if we could get this to execute on a bunch of remote machines (via ssh and keys) and output the results to the same page, one after the other. A bit like mtr.sh

What are your thoughts?

TERM value is set in headless mode when run with ./asn -l

When listening in server mode, I don't get any output from asn.

[2021-04-11 18:15:45] INFO ASN Lookup Server listening on 192.168.3.21:49200
[2021-04-11 18:15:47] INFO Incoming connection by client 172.18.0.7
[2021-04-11 18:15:47] STARTED Lookup request by client 172.18.0.7 for target github.com (Request ID: 817759845)

────────────────────────────────────────────────────────────
WARNING

No IPQualityScore token found, so disabling in-depth threat
analysis and IP reputation lookups. Please visit
https://github.com/nitefood/asn#ip-reputation-api-token
for instructions on how to enable it.
────────────────────────────────────────────────────────────
./asn: line 1389: $max_msg_size: substring expression < 0
[2021-04-11 18:15:48] COMPLETED Lookup request by client 172.18.0.7 for target github.com (Request ID: 817759845)

./asn: line 1389: $max_msg_size: substring expression < 0

asn/asn

Line 1387 in d280c0a

max_msg_size=$((terminal_width-23))

It looks like terminal_width is 0 at this point and thus max_msg_size = -23

Last AS missing in AS path information

I am using

$ git log --oneline --no-decorate -1
1f794b9 Add installation instructions for RHEL 7 and 8 (#38)

Then:

$ ./asn charite.de

────────────────────────────────────────────────────────────
			WARNING 

No IPQualityScore token found, so disabling in-depth threat 
analysis and IP reputation lookups. Please visit 
https://github.com/nitefood/asn#ip-reputation-api-token 
for instructions on how to enable it. 
────────────────────────────────────────────────────────────

╭───────────────────────────╮
│ ASN lookup for charite.de │
╰───────────────────────────╯

- Resolving "charite.de"... 1 IP address found:

                                                                                
 141.42.206.113 ┌PTR charite.de
                ├ASN 680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE)
                ├ORG DFN
                ├NET 141.42.0.0/16 (CHARITE-NET)
                ├ABU [email protected] / [email protected]
                ├ROA ✓ VALID (1 ROA found)
                ├GEO Berlin, Land Berlin (DE)
                ├CPE [APP: php:php] [APP: apache:http_server] [APP: typo3:typo3]
                ├POR Open ports: 80, 443
                └REP ✓ NONE


╭─────────────────────╮
│ Trace to charite.de │
╰─────────────────────╯

 Hop IP Address         Loss%      Ping avg     AS Information                  
  1. o2.box (192.168.1.1)    80%        0.7 ms    BOGON  rfc1918 (Private Space)
  2. loopback1.0002.acln.01.ber.de.net.telefonica.de (62.52.201.185)    80%        6.9 ms   [AS6805] TDDE-ASN1, DE
  3. bundle-ether16.0003.dbrx.01.ber.de.net.telefonica.de (62.53.2.84)    80%        7.0 ms   [AS6805] TDDE-ASN1, DE
  4. ae1-0.0001.prrx.01.ber.de.net.telefonica.de (62.53.11.125)    80%        9.2 ms   [AS6805] TDDE-ASN1, DE
  5. dfn.bcix.de (193.178.185.42)    20%       17.1 ms    IXP  BCIX (Berlin Commercial Internet Exchange)
  6. kr-charit1.x-win.dfn.de (188.1.235.78)    80%       17.2 ms   (WIN-IP / IP networking on DFN's Wissenschaftsnetz "X-WiN")
  7. ???                 100%             *   (No reply)                        
  8. ???                 100%             *   (No reply)                        
  9. ???                 100%             *   (No reply)                        
 10. charite.de (141.42.206.113)    20%       19.3 ms   (CHARITE-NET / Charite - Universitaetsmedizin Berlin)
                                                                                
Trace completed in 37 seconds on 2023-02-20 14:22:40 CET


╭───────────────────────╮
│ AS path to charite.de │
╰───────────────────────╯

  6805   TDDE-ASN1 (Local AS)
 ╭╯
 ╰ IXP   BCIX (Berlin Commercial Internet Exchange)


The AS path information is missing the last AS680. It’s present in the mtr output:

$ mtr -z -s 10 -r -c 10 charite.de
Start: 2023-02-20T14:43:23+0100
HOST: ersatz                      Loss%   Snt   Last   Avg  Best  Wrst StDev
  1. AS???    o2.box              90.0%    10    2.5   2.5   2.5   2.5   0.0
  2. AS???    loopback1.0002.acln 90.0%    10    7.0   7.0   7.0   7.0   0.0
  3. AS???    bundle-ether16.0003 90.0%    10    7.3   7.3   7.3   7.3   0.0
  4. AS6805   ae1-0.0001.prrx.01. 90.0%    10    6.4   6.4   6.4   6.4   0.0
  5. AS???    dfn.bcix.de         10.0%    10   16.7  17.0  16.7  17.7   0.4
  6. AS???    kr-charit1.x-win.df 90.0%    10   17.2  17.2  17.2  17.2   0.0
  7. AS???    ???                 100.0    10    0.0   0.0   0.0   0.0   0.0
  8. AS???    ???                 100.0    10    0.0   0.0   0.0   0.0   0.0
  9. AS???    ???                 100.0    10    0.0   0.0   0.0   0.0   0.0
 10. AS680    charite.de          10.0%    10   19.1  19.0  18.6  19.2   0.2

Not every ipcalc(1) supports '-r'

Not every ipcalc supports -r as it seems, thus I see the following in the output somewhere in the middle while using asn from commit 64e9253:

ipcalc: bad argument -r: unknown option                                                        
Usage: ipcalc [OPTION...]
  -c, --check         Validate IP address for specified address family
  -4, --ipv4          IPv4 address family (default)
  -6, --ipv6          IPv6 address family
  -b, --broadcast     Display calculated broadcast address
  -h, --hostname      Show hostname determined via DNS
  -m, --netmask       Display default netmask for IP (class A, B, or C)
  -n, --network       Display network address
  -p, --prefix        Display network prefix
  -s, --silent        Don't ever display error messages

Help options:
  -?, --help          Show this help message
  --usage             Display brief usage message
$ rpm -qf `which ipcalc`
initscripts-9.49.53-1.el7_9.1.x86_64
$ 

Feature request: Add asn_lookup hyperlink for "Remaining IPs" and formatting changes

Love the new updates. Great idea having added the ability to just click on a hop for a new asn_lookup.

Can we do the same for the remaining IPs that get "ignored"? To avoid ambiguity, in this screenshot 172.217.1.174

While I love this new feature, it does make the hop output a bit busy.
Can we remove the underscores from the hyperlinks and open the links in a new window (style="text-decoration: none;" and target="_blank" or something)?
I'm not sure aha supports that out of the box, so maybe a stylesheet?

My OCD is kicking in now, and the links to APIs seem inconsistent. Currently in the detailed ASN lookup top section we have

WHOIS, host.io and ipinfo.io

Can we change that to

whois, host and ipinfo (and without the chain link icon thing)

I don't mind doing this but as it's really esthetics and not functional, do feel free to tell me to naff off and get a life.

ASN number lookup output hurts my brain at the moment, but it's super rich.
Not sure how much sense it makes to do traceroutes to subnets, but maybe I'm missing something. I will spend more time playing with it soon.

Thanks again for this great tool

[Feature Request] Support IP2Location.io API to Query ASN

I would like to introduce the IP2Location.io IP geolocation API. It has the following advantages compared to other API providers.

  • Fast - one of the fastest APIs in the market using multi-location servers and Anycast routing
  • Accurate - based on IP2Location and IP2Proxy database which is available since 2002
  • Free - free tier with 30,000 queries monthly available to all users who sign-up online

Please consider IP2Location.io as one of the database sources to get ASN. Feel free to ping me if you have any questions. Thank you.

upstream/transit

Each lookup is acknowledged with the error "/usr/bin/asn: line 2770: printf: 32.98889175923534: invalid number"

asn -u 1.1.1.1

╭────────────────────────╮
│ ASN lookup for 1.1.1.1 │
╰────────────────────────╯

╭───────────────────────────────────────────────────╮
│ Recently observed upstream/transit AS for 1.1.1.1 │
╰───────────────────────────────────────────────────╯

Legend:
██ most likely transit ( very large / Tier 1 upstream AS )
██ very likely transit ( >= 85% BGP updates from this AS )
██ likely transit ( >= 75% BGP updates from this AS )
██ potentially transit ( >= 65% BGP updates from this AS )
██ unlikely transit ( < 65% BGP updates from this AS )

Target : 1.1.1.1 (matching prefix: 1.1.1.0/24)
Origin AS : [AS13335] CLOUDFLARENET, US
CAIDA AS rank: #78 TOP 100 AS

/usr/bin/asn: line 2770: printf: 32.98889175923534: invalid number
██ AS2914 ( 32,00%) - NTT-LTD-2914, US
/usr/bin/asn: line 2770: printf: 31.95556703694136: invalid number
██ AS24482 ( 31,00%) - SGGS-AS-AP SG.GS, SG
/usr/bin/asn: line 2770: printf: 31.077241022991476: invalid number
██ AS1031 ( 31,00%) - PEER-1-INTERNET, US
/usr/bin/asn: line 2770: printf: 0.7491604236631362: invalid number
██ AS7195 ( 0,00%) - EDGEUNO SAS, CO
/usr/bin/asn: line 2770: printf: 0.41332988891759237: invalid number
██ AS37468 ( 0,00%) - ANGOLA-CABLES, AO
/usr/bin/asn: line 2770: printf: 0.3874967708602428: invalid number
██ AS12779 ( 0,00%) - ITGATE, IT
/usr/bin/asn: line 2770: printf: 0.3358305347455438: invalid number
██ AS3257 ( 0,00%) - GTT-BACKBONE GTT, US

`jq: error (at <stdin>:1): Cannot iterate over null (null)`

From a Hotel Wifi I get:

$ git log --oneline --no-decorate -1
6cb4456 improved subnet detection, introduced ROU element in report. - many ISPs allocate small blocks for PtP networks (or customers allocations), and take the time to define them in RIPE. But Cymru/Pwhois don't index these blocks (since they're not routed directly but aggregated in larger routes). Now `asn` will try to identify these subnets even if they're routed within larger prefixes. - NET element refers now to the smaller inetnum, while ROU reports the target IP's route. - Examples:   - asn -n 188.152.136.18   - asn -n 195.103.16.76   - asn -n 217.212.125.124   - asn -n 2.228.17.105
$ ./asn -v www.molgen.mpg.de

────────────────────────────────────────────────────────────
			WARNING 

No IPQualityScore token found, so disabling in-depth threat 
analysis and IP reputation lookups. Please visit 
https://github.com/nitefood/asn#ip-reputation-api-token 
for instructions on how to enable it. 
────────────────────────────────────────────────────────────

╭──────────────────────────────────╮
│ ASN lookup for www.molgen.mpg.de │
╰──────────────────────────────────╯

- Resolving "www.molgen.mpg.de"... 1 IP address found:

[2022-11-10 19:58:14]   DEBUG   curl -s api64.ipify.org
[2022-11-10 19:58:16]   DEBUG   curl -m5 -s https://stat.ripe.net/data/abuse-contact-finder/data.json?resource=134.76.31.205&sourceapp=nitefood-asn
[2022-11-10 19:58:17]   DEBUG   curl -m4 -s https://ipmap.ripe.net/api/v1/locate/134.76.31.205/best
[2022-11-10 19:58:18]   DEBUG   curl -m4 -s http://ip-api.com/json/134.76.31.205?fields=status,message,country,countryCode,regionName,city,mobile,proxy,hosting
[2022-11-10 19:58:18]   DEBUG   curl -m2 -s https://api.incolumitas.com/datacenter?ip=134.76.31.205
[2022-11-10 19:58:18]   DEBUG   curl -m4 -s http://api.stopforumspam.org/api?json&ip=134.76.31.205
[2022-11-10 19:58:19]   DEBUG   curl -m5 -s https://api.greynoise.io/v3/community/134.76.31.205
[2022-11-10 19:58:20]   DEBUG   curl -m5 -s https://internetdb.shodan.io/134.76.31.205
[2022-11-10 19:58:21]   DEBUG   curl -s https://stat.ripe.net/data/rpki-validation/data.json?resource=680&prefix=134.76.0.0/16&sourceapp=nitefood-asn

 134.76.31.205 ┌PTR npsw-www.mpg.de
               ├ASN 680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE)
               ├ORG GWD Goettingen
               ├NET 134.76.0.0/16 (GWDG)
               ├ABU [email protected] / [email protected]
               ├ROA ✓ VALID (2 ROAs found)
               ├TYP  Mobile network IP 
               ├GEO Göttingen, Lower Saxony (DE)
               ├CPE [APP: apache:http_server] [APP: rubyonrails:rails] [APP: ruby-lang:ruby]
               ├POR Open ports: 80, 443
               └REP ✓ NONE


╭────────────────────────────╮
│ Trace to www.molgen.mpg.de │
╰────────────────────────────╯

[2022-11-10 19:58:22]   DEBUG   mtr -> 134.76.31.205 (5 rounds)
 Hop IP Address                                                                               Loss%      Ping avg     AS Information                
  1. _gateway (172.16.3.254)                                                                     0%        1.5 ms    BOGON  rfc1918 (Private Space)
  2. host18523696-201.telnaptelecom.pl (185.236.96.201)                                          0%        1.4 ms   [AS43372] TELNAP, PL
  3. ???                                                                                       100%             *   (No reply)
  4. host185186152-40.telnaptelecom.pl (185.186.152.40)                                          0%        7.9 ms   [AS43372] TELNAP, PL
  5. 82.177.247.209                                                                              0%        2.1 ms   [AS20804] ASN-TELENERGO ul. PERKUNA 47, WARSZAWA, PL
[2022-11-10 19:58:36]   DEBUG   curl -s https://www.peeringdb.com/api/ixpfx?prefix__startswith=88.220&protocol__in=IPv4
  6. 88.220.206.191                                                                              0%       21.5 ms   (EXATEL-NET)
[2022-11-10 19:58:38]   DEBUG   curl -s https://www.peeringdb.com/api/ixpfx?prefix__startswith=88.220&protocol__in=IPv4
  7. 88.220.204.181                                                                              0%       18.0 ms   (EXATEL-NET)
[2022-11-10 19:58:39]   DEBUG   curl -s https://www.peeringdb.com/api/ixpfx?prefix__startswith=88.220&protocol__in=IPv4
  8. 88.220.195.38                                                                               0%       18.1 ms   (EXATEL-NET / Connected by EXATEL S.A.)
[2022-11-10 19:58:41]   DEBUG   curl -s https://www.peeringdb.com/api/ixpfx?prefix__startswith=88.220&protocol__in=IPv4
jq: error (at <stdin>:1): Cannot iterate over null (null)
  9. 88.220.196.43                                                                               0%       16.3 ms   (EXATEL-NET / Connected by EXATEL S.A.)
 10. ???                                                                                       100%             *   (No reply)
 11. cr-han2-be6.x-win.dfn.de (188.1.144.134)                                                    0%       25.1 ms   [AS680] DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE
 12. kr-goe12-13.x-win.dfn.de (188.1.231.126)                                                    0%       27.9 ms   [AS680] DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE
C 13. gv-GWDGIR-gwdg.net.gwdg.de (134.76.147.181)                                                 0%       27.8 ms   [AS680] DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE
 14. npsw-www.mpg.de (134.76.31.205)                                                             0%       26.2 ms   [AS680] DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE

Trace completed in 22 seconds on 2022-11-10 19:58:44 CET


╭──────────────────────────────╮
│ AS path to www.molgen.mpg.de │
╰──────────────────────────────╯

  43372  TELNAP (Local AS)
 ╭╯
 ╰20804  ASN-TELENERGO ul. PERKUNA 47
 ╭╯
 ╰680    DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V.

Git tags?

Do you have any plans for Git tags? Based on the source code there seems to be some versioning (0.71.6 as of writing). Thus, do you see any chance to create a Git tag when bumping the version in the source code? This would ease packaging for Linux distributions.

Windows 10 Installation

I am a total newbie in Python.
I was looking for a BGP ASN traceroute program for my lab and found this program, which is very good for my objectives.
Unfortunately, I am not able to understand how I can use it in Windows 10.
I will be very grateful if you guide me.
I am extremely sorry if I cause you any inconvenience.

Permission denied for install

Hi, congrats on what looks like a great ASN lookup. I'd like to install this software but permission is denied @nitefood .

This is the error
image

Please can I access the file - can you share this? Thank you

Exciting News: 'asn' Tool Soon to be Included in Debian!

Hello everyone,

I'm stopping by to express my gratitude for the incredible work done on the "asn" tool. It is with immense joy that I share the news that soon this tool will be available in Debian.

The effort and dedication of the developers behind this project are truly remarkable, and this milestone is a testament to the excellent work done by all.

Please find more details about the inclusion of "asn" in Debian at:
Link to Debian page

Once again, congratulations to all involved for this great achievement!

Best regards,

Marcos Rodrigues de Carvalho (aka oday) [email protected]

Feature request: add option to always query IPQualityScore and pass settings

IPQualityScore provides a lot of useful information on abusive IPs. Please add an option to always query it. Also add an option to pass a settings string, like strictness=1&allow_public_access_points=false

For example, abuser IP 77.83.36.16 currently displays REP ✓ NONE, but with IPQualityScore enabled it will display REP ❌ BAD (Threat Score 87%) RECENT ABUSER PROXY. Passing strictness=1 will give even better results: REP ❌ BAD (Threat Score 100%) RECENT ABUSER BOT PROXY .

IPv4 blocks

When I search for the ASNs using an orgname, for example asn google.com, I get about 5 to 10 results matching the name and I need to key in the number I want, and the tool gives me a CIDR if present. Is it possible that I can get all the CIDRs of the listed names at once with key in the required org name number?

thanks

Json output breaks for AS1547

Probably some quoting issues:

$ bash -x ./asn -J 1547

[ ... ]

+ json_to_print+='"results":[{"asn":"1547","asname":"IDK-NETWORK, MD","org":"N/A","holder":"Societatea mixta pe actiuni de tip inchis "Interdnestrcom"","abuse_contacts":

[ ... ]

+ [[ true = true ]]
++ jq -M .
parse error: Invalid numeric literal at line 1, column 297
+ json_to_print=
+ echo -e ''

+ exit 0
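
The trace above shows the holder value, which contains its own double quotes, being concatenated straight into the JSON string that jq then rejects. The following is an added example, not code from the asn script: the function names are hypothetical, and it shows the raw concatenation next to two ways of keeping the value inside its string literal (a plain sh escaper, and letting jq, already a prerequisite of the tool, build the object).

```shell
#!/bin/sh
# Added illustration; function names are hypothetical, not taken from the asn script.

# Escape a single-line value for use inside a JSON string literal.
# Control characters (0x00-0x1F) are dropped rather than \u-escaped, a
# simplification that suits one-line whois fields such as "holder".
json_escape() {
    printf '%s' "$1" | tr -d '\000-\037' | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# The pattern visible in the trace: the value is pasted in as-is, so any
# double quote inside it terminates the JSON string early.
build_record_raw() {
    printf '{"asn":"%s","holder":"%s"}' "$1" "$2"
}

# Same record with every interpolated value escaped first.
build_record_escaped() {
    printf '{"asn":"%s","holder":"%s"}' "$(json_escape "$1")" "$(json_escape "$2")"
}

# Alternative: pass the values to jq as variables and let it do the quoting.
build_record_jq() {
    jq -cn --arg asn "$1" --arg holder "$2" '{asn: $asn, holder: $holder}'
}

# Holder value as it appears in the trace for AS1547.
holder='Societatea mixta pe actiuni de tip inchis "Interdnestrcom"'

printf 'raw:     %s\n' "$(build_record_raw 1547 "$holder")"
printf 'escaped: %s\n' "$(build_record_escaped 1547 "$holder")"
if command -v jq >/dev/null 2>&1; then
    printf 'jq:      %s\n' "$(build_record_jq 1547 "$holder")"
fi
```

Piping the raw record into `jq .` reproduces a parse error, while the escaped and jq-built records parse cleanly.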

IPv6 traceroute refusing to start on my host

Hi,
First of all, thank you for this amazing script.

I'm opening this issue as IPv6 traceroute doesn't work for me for some reason. When I try to traceroute to e.g. google.com's IPv6 address, I get:

user@host:~$ ./asn 2a00:1450:4002:402::200e
[... a bunch of correct information ...]
Error: cannot trace an IPv6 from this IPv4-only host!

Similarly, when I run ./asn google.com it performs an IPv4 traceroute, even though the docs say it should perform an IPv6 traceroute when possible.

However, the host is definitely IPv6-enabled: I can successfully ping6 and traceroute6 to the very same address.

I'm gonna take a look myself and see if I can figure out the issue, and then update this issue.

Some IPv6 ranges not picked up

I love asn, but it misses some IPv6 networks.

As an example, 'asn 5089' displays the network information for Virgin Media (UK), with many IPv4 subnets but no IPv6 subnets.

However a search for 'asn 2a02:8801::1' shows it is part of AS5089 (2a02:8801::/32). Virgin Media also have 2a02:8880::/25, and a search for an address in that subnet also works.

Is there a way to get these IPv6 subnets to show up?

Use HTTPS when it's available

Firstly, thanks for the handy tool!

When the script checks the StopForumSpam API, it uses HTTP instead of HTTPS.

asn/asn

Line 2295 in 3097a10

is_blacklisted=$(docurl -m4 -s "http://api.stopforumspam.org/api?json&ip=$1" | jq -r '.ip.appears')

The API docs mention that the client must support SNI for HTTPS to work.
curl has supported this since version 7.18.1 (released in March 2008) so I think it's safe to assume it'll be fine.

As for ip-api.com, it looks like it needs a license to use HTTPS. It would be nice to have an option to provide an API key, similar to what you've done with ipqualityscore.

But even just a comment in the script to mention this is the reason it's using the insecure protocol would be good.

IP version assumptions and conflict in server mode

When running in server mode, compare if you will

/asn_lookup&bbc.co.uk

and

/asn_lookup&www.bbc.co.uk

The error is:

host: '....origin.asn.cymru.com' is not a legal name (empty label)
host: '' is not in legal name syntax (unexpected end of input)

Looks like $rev doesn't get a value. I'll take a closer look when I get some time.

./asn www.bbc.co.uk works fine on the command line.

MacOS Compatibility

This looks great!

Trying to run on a Mac however and getting a coproc: command not found error in the script:

➜  ~ ./asn 8.8.8.8

╭────────────────────────╮
│ ASN lookup for 8.8.8.8 │
╰────────────────────────╯

 8.8.8.8 ┌PTR dns.google
         ├ASN 15169 (GOOGLE, US)
         ├ORG Google LLC
         ├NET 8.8.8.0/24 (LVLT-GOGL-8-8-8)
         ├ABU [email protected]
         ├GEO Mountain View, California (US)
         └REP ✓ GOOD


Tracing path to 8.8.8.8 (press CTRL-C to cancel)..../asn: line 234: coproc: command not found

╭──────────────────╮
│ Trace to 8.8.8.8 │
╰──────────────────╯

 Hop IP Address                                                                        Ping avg     AS Information
  1. ???                                                                                        *   (No reply)

Trace complete in 1 seconds.

Any ideas?

zsh: killed bash (exec 3<>/dev/tcp/whois.ripe.net/43)

Hello there!

I am not an expert, and it might not be an issue with the code, but something changed because your amazing script stopped working for me since yesterday. I am running it on MacOS Ventura 13.1 with Homebrew.

Below is what happens:

sudo ./asn -n 40021

╭──────────────────────╮
│ ASN lookup for 40021 │
╰──────────────────────╯

AS Number ──> 40021
AS Name ──> CONTABO, US
Organization ──> CONTABO (Contabo Inc.)
Abuse contact ──> [email protected]
AS Reg. date ──> 2019-12-25 01:26:48
Peering @IXPs ──> NONE

╭────────────────────────────────────────────╮
│ BGP informations for AS40021 (CONTABO, US) │
╰────────────────────────────────────────────╯

Retrieving prefix allocations and announcements for AS40021 (CONTABO, US) (press CTRL-C to cancel)...zsh: killed sudo ./asn -n 40021

In an effort to pinpoint the issue, I also got the following:

bash -x asn -v 40021 137 ⨯

  • ASN_VERSION=0.72.9
  • IFS='
    '
  • green=''
  • magenta=''
  • yellow=''
  • white=''
  • blue=''
  • red=''
  • black=''
  • lightyellow=''
  • lightred=''
  • lightblue=''
  • lightgreybg=''
  • bluebg=''
  • redbg=''
  • greenbg=''
  • yellowbg=''
  • default=''
  • htmlwhite='#cccccc'
  • htmlblack='#1e1e1e'
  • htmllightgray='#d5d5d5'
  • htmlred='#ff5f5f'
  • htmlblue='#00afd7'
  • htmlyellow='#afaf00'
  • htmlgreen='#00af5f'
  • htmlmagenta='#ff5fff'
  • [[ xterm-256color = \d\u\m\b ]]
  • IS_HEADLESS=false
  • ipv4v6regex='[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}|(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]).){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]).){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))'
  • '[' false = true ']'
    ++ tput cols
  • terminal_width=158
  • trap 'terminal_width=$(tput cols)' SIGWINCH
  • '[' '' = true ']'
  • IS_ASN_CHILD=false
  • '[' '' = true ']'
  • IS_ASN_CONNHANDLER=false
  • IQS_TOKEN_FILES=/Users/jmpere6/.asn/iqs_token:/etc/asn/iqs_token
  • NO_ERROR_ON_INTERRUPT=false
  • trap Ctrl_C INT
  • peeringdb_dataset=
  • peeringdb_ipv6_dataset=
  • [[ -r /etc/services ]]
    ++ cat /etc/services
  • WELL_KNOWN_PORTS='#

(I removed the long list of ports)

  • MTR_TRACING=true
  • DETAILED_TRACE=false
  • MTR_ROUNDS=5
  • MAX_CONCURRENT_SHODAN_REQUESTS=10
  • SHODAN_SHOW_TOP_N=5
  • MONOCHROME_MODE=false
  • ASN_DEBUG=false
  • JSON_OUTPUT=false
  • JSON_PRETTY=false
  • DEFAULT_SERVER_BINDADDR=127.0.0.1
  • DEFAULT_SERVER_BINDPORT=49200
  • [[ 2 -lt 1 ]]
  • '[' false = false ']'
  • rcfile=//Users/jmpere6/.asnrc
  • '[' -r //Users/jmpere6/.asnrc ']'
  • status_json_output=ok
  • reason_json_output=success
    ++ date +%Y-%m-%dT%H:%M:%S
  • json_request_time=2023-01-12T16:45:17
    ++ date +%s
  • starttime=1673559917
  • final_json_output=
  • json_target_type=unknown
  • json_resultcount=0
  • optspec=:hvmljJsgn:t:d:o:a:c:
  • FORCE_ORGSEARCH=false
  • SUGGEST_SEARCH=false
  • SERVER_MODE=false
  • RECON_MODE=false
  • COUNTRY_BLOCK_MODE=false
  • GEOLOCATE_ONLY_MODE=false
  • OPTIONS_PRESENT=false
  • getopts :hvmljJsgn:t:d:o:a:c: optchar
  • userinput=
  • OPTIONS_PRESENT=true
  • case "${optchar}" in
  • ASN_DEBUG=true
  • getopts :hvmljJsgn:t:d:o:a:c: optchar
  • '[' -t 0 ']'
  • '[' true = false ']'
  • '[' -z '' ']'
  • '[' false = false ']'
  • GetFullParamsFromCurrentPosition -v 40021
  • userinput=
  • for option in "${@:$OPTIND}"
  • userinput+=' 40021'
    ++ awk '{ sub(/^[ \t]+/, ""); print }'
  • userinput=40021
    ++ echo -en 40021
  • userinput=40021
  • '[' -z 40021 ']'
  • [[ false = true ]]
  • [[ false = true ]]
  • [[ false = true ]]
  • CheckPrerequisites
  • saveIFS='
    '
  • IFS=' '
  • prerequisite_tools='jq whois host curl'
  • optional_tools='nmap mtr ipcalc grepcidr ncat aha'
  • missing_tools=
  • disabled_features=
  • HARD_FAIL=false
  • HAVE_IPCALC=true
  • HAVE_NMAP=true
  • IXP_DETECTION=true
  • UNABLE_TO_SERVE=false
    ++ echo '5.2.15(1)-release'
    ++ cut -d . -f 1
  • bash_major=5
    ++ echo '5.2.15(1)-release'
    ++ cut -d . -f 2
  • bash_minor=2
  • bash_version_too_low=false
  • '[' 5 -lt 4 ']'
  • '[' 5 -eq 4 ']'
  • [[ false = true ]]
  • for tool in $prerequisite_tools
    ++ command -v jq
  • '[' -z /opt/homebrew/bin/jq ']'
  • for tool in $prerequisite_tools
    ++ command -v whois
  • '[' -z /usr/bin/whois ']'
  • for tool in $prerequisite_tools
    ++ command -v host
  • '[' -z /usr/bin/host ']'
  • for tool in $prerequisite_tools
    ++ command -v curl
  • '[' -z /usr/bin/curl ']'
  • for tool in $optional_tools
    ++ command -v nmap
  • '[' -z /opt/homebrew/bin/nmap ']'
  • for tool in $optional_tools
    ++ command -v mtr
  • '[' -z /opt/homebrew/sbin/mtr ']'
  • for tool in $optional_tools
    ++ command -v ipcalc
  • '[' -z /opt/homebrew/bin/ipcalc ']'
  • for tool in $optional_tools
    ++ command -v grepcidr
  • '[' -z /opt/homebrew/bin/grepcidr ']'
  • for tool in $optional_tools
    ++ command -v ncat
  • '[' -z /opt/homebrew/bin/ncat ']'
  • for tool in $optional_tools
    ++ command -v aha
  • '[' -z /opt/homebrew/bin/aha ']'
  • IpcalcVersionCheck
  • IPCALC_FLAG=
  • '[' true = true ']'
    ++ ipcalc -v
    ++ sed 's/ipcalc //'
  • ipcalc_version=0.51
    ++ echo 0.51
    ++ cut -d . -f 1
  • ipcalc_major=0
  • case "${ipcalc_major}" in
    ++ echo 0.51
    ++ cut -d . -f 2
  • ipcalc_minor=51
  • '[' 51 -ge 5 ']'
  • IPCALC_FLAG=-r
  • '[' -n '' ']'
  • IQS_TOKEN=
  • IFS='
    '
    ++ tr : '\n'
  • for asn_config_file in $(tr ':' '\n' <<< "$IQS_TOKEN_FILES")
  • '[' -r /Users/jmpere6/.asn/iqs_token ']'
    ++ tr -d ' \n\r\t'
  • IQS_TOKEN=25Txj4VImrUYxXUSVOa3LIhP0S58RvTo
  • break
  • '[' -z 25Txj4VImrUYxXUSVOa3LIhP0S58RvTo ']'
  • CoreutilsFixup
    ++ command -v gdate
  • '[' -x /opt/homebrew/bin/gdate ']'
  • export -f date
    ++ command -v gsed
  • '[' -x '' ']'
    ++ command -v gawk
  • '[' -x '' ']'
    ++ command -v gbase64
  • '[' -x /opt/homebrew/bin/gbase64 ']'
  • export -f base64
    ++ command -v gwc
  • '[' -x /opt/homebrew/bin/gwc ']'
  • export -f wc
  • '[' false = true ']'
  • '[' false = true ']'
  • IFS='
    '
  • local_wanip=
  • HAVE_IPV6=false
  • '[' false = true ']'
  • '[' -n '' ']'
  • '[' false = true ']'
  • '[' false = true ']'
  • '[' false = true ']'
  • BoxHeader 'ASN lookup for 40021'
  • [[ false = true ]]
  • local 'message=ASN lookup for 40021'
  • '[' false = true ']'
  • '[' false = true ']'
  • echo -e '\n╭──────────────────────╮\n│ ASN lookup for 40021 │\n╰──────────────────────╯'

╭──────────────────────╮
│ ASN lookup for 40021 │
╰──────────────────────╯

AS Number ──> 40021+ '[' false = true ']'

╭────────────────────────────────────────────╮
│ BGP informations for AS40021 (CONTABO, US) │
╰────────────────────────────────────────────╯

Sorry for the long output, I hope it helps. Looking at the script, I have the impression the problem is when it tries to open a persistent connection to RIPE Whois.

Thank you for the amazing script!

No date/time logged in output

Currently, it looks like there is no date/time, from when the command was executed, in the output. I know, everyone could append date; asn …, but often it’s forgotten, and the date/time might be useful to correctly interpret the data (later).

ipcalc bad argument

Possibly related to issue 34 - #34

asn dns.inxfiber.com

ipcalc: bad argument -v: unknown option
Usage: ipcalc [OPTION...]
-c, --check Validate IP address for specified address family
-4, --ipv4 IPv4 address family (default)
-6, --ipv6 IPv6 address family
-b, --broadcast Display calculated broadcast address
-h, --hostname Show hostname determined via DNS
-m, --netmask Display default netmask for IP (class A, B, or C)
-n, --network Display network address
-p, --prefix Display network prefix
-s, --silent Don't ever display error messages

Help options:
-?, --help Show this help message
--usage Display brief usage message

yum whatprovides ipcalc

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile

  • base: ohioix.mm.fcix.net
  • epel: mirrors.wcupa.edu
  • extras: mirrors.sonic.net
  • updates: repos.lax.layerhost.com
    initscripts-9.49.53-1.el7.x86_64 : The inittab file and the /etc/init.d scripts

Repo : base
Matched from:
Filename : /usr/bin/ipcalc

Some IP addresses missing in trace

Using traceroute shows cloudflare.bcix.de, but ASN’s trace does not.

$ git log --oneline -1 --no-decorate 
23b2d39 Minor tweaks
$ ./asn 1.1.1.1

────────────────────────────────────────────────────────────
			WARNING 

No IPQualityScore token found, so disabling in-depth threat 
analysis and IP reputation lookups. Please visit 
https://github.com/nitefood/asn#ip-reputation-api-token 
for instructions on how to enable it. 
────────────────────────────────────────────────────────────

╭────────────────────────╮
│ ASN lookup for 1.1.1.1 │
╰────────────────────────╯
                                                                                                                                                      
 1.1.1.1 ┌PTR one.one.one.one
         ├ASN 13335 (CLOUDFLARENET, US)
         ├ORG APNIC and Cloudflare DNS Resolver project
         ├NET 1.1.1.0/24 (APNIC-LABS)
         ├ABU [email protected]
         ├ROA ✓ VALID (1 ROA found)
         ├TYP  Anycast IP   Hosting/DC 
         ├GEO Magomeni, Dar es Salaam (TZ)
         └REP ✓  KNOWN GOOD as "Cloudflare Public DNS" 


╭──────────────────╮
│ Trace to 1.1.1.1 │
╰──────────────────╯

 Hop IP Address                                                                               Loss%      Ping avg     AS Information                  
  1. ???                                                                                       100%             *   (No reply)                        
  2. ???                                                                                       100%             *   (No reply)                        
  3. ae14-0.0002.dbrx.02.ber.de.net.telefonica.de (62.53.11.222)                                 0%        9.2 ms   [AS6805] TDDE-ASN1, DE            
  4. ae1-0.0002.prrx.02.ber.de.net.telefonica.de (62.53.12.61)                                  80%        7.5 ms   [AS6805] TDDE-ASN1, DE            
  5. ???                                                                                       100%             *   (No reply)                        
  6. one.one.one.one (1.1.1.1)                                                                  80%        9.1 ms   [AS13335] CLOUDFLARENET, US       
                                                                                                                                                      
Trace complete in 11 seconds.


╭────────────────────╮
│ AS path to 1.1.1.1 │
╰────────────────────╯

  6805   TDDE-ASN1 (Local AS)
 ╭╯
 ╰13335  CLOUDFLARENET


$ traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
 1  * * *
 2  * * *
 3  ae14-0.0001.dbrx.02.ber.de.net.telefonica.de (62.53.11.220)  12.626 ms  12.610 ms  12.587 ms
 4  ae0-0.0002.prrx.02.ber.de.net.telefonica.de (62.53.12.59)  11.638 ms ae0-0.0001.prrx.02.ber.de.net.telefonica.de (62.53.4.153)  12.564 ms ae1-0.0001.prrx.02.ber.de.net.telefonica.de (62.53.4.155)  17.601 ms
 5  cloudflare.bcix.de (193.178.185.17)  17.145 ms as13335.berlin.megaport.com (194.9.117.74)  14.391 ms  14.379 ms
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

Two routers with same IP address are treated as "routing loop"

Two routers with the same IP address are treated as a "routing loop", even though there is no real routing loop. From asn output while using commit 64e9253:

 Hop IP Address                                                                                  Loss%      Ping avg     AS Information                                                                                         
  1. fritz.box (192.168.0.1)                                                                        0%        1.2 ms    BOGON  rfc1918 (Private Space)                                                                          
  2. dslb-084-059-211-001.084.059.pools.vodafone-ip.de (84.59.211.1)                                0%        5.5 ms   [AS3209] VODANET International IP-Backbone of Vodafone, DE                                               
  3. 88.79.14.158                                                                                   0%        5.2 ms   [AS3209] VODANET International IP-Backbone of Vodafone, DE                                               
  4. 88.79.15.124                                                                                   0%        5.5 ms   [AS3209] VODANET International IP-Backbone of Vodafone, DE                                               
  5. 188.111.129.42                                                                                 0%        6.6 ms   [AS3209] VODANET International IP-Backbone of Vodafone, DE                                               
  6. 145.254.2.209                                                                                  0%       10.2 ms   [AS3209] VODANET International IP-Backbone of Vodafone, DE                                               
  7.  no route to host (routing loop detected)                                                    100%             *   (No reply)                                                                    

However, in mtr it looks like this:

$ mtr -w -z <…>
Start: 2021-10-14T01:31:28+0200
HOST: tux.example.net                                               Loss%   Snt   Last   Avg  Best  Wrst StDev
  1. AS???    fritz.box                                              0.0%    10    1.1   1.1   1.0   1.1   0.0
  2. AS3209   dslb-084-059-211-001.084.059.pools.vodafone-ip.de      0.0%    10    5.5   5.4   5.0   6.6   0.5
  3. AS3209   88.79.14.158                                           0.0%    10    5.0   5.2   4.8   5.8   0.3
  4. AS3209   88.79.15.124                                           0.0%    10    5.7   5.9   5.1   6.5   0.4
  5. AS3209   188.111.129.42                                         0.0%    10    7.0   6.8   6.2   8.1   0.5
  6. AS3209   145.254.2.209                                          0.0%    10   10.6  10.5  10.1  11.4   0.4
  7. AS3209   145.254.2.209                                          0.0%    10    9.7  10.1   9.6  11.2   0.4
  8. AS6830   de-str01c-rb01-be-1050.aorta.net                       0.0%    10   12.5  12.7  12.3  13.8   0.5
  9. AS3209   <…>                                                    0.0%    10   12.2  12.2  11.9  12.7   0.2
 10. AS<…>    <…>                                                    0.0%    10   12.0  18.7  11.7  78.2  20.9
$ 

So yes, the same IP address appears twice in the trace, but there is still no routing loop, the target can be properly reached.
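
The report above has the same address answering at hops 6 and 7 while the path still continues to the target. One way to tell that case apart from a forwarding loop, as an added example (not how asn or mtr implement it; the function names and the heuristic are assumptions): an address repeated on adjacent hops is only counted, and a loop is reported only when an address comes back after a different hop has answered in between.

```shell
#!/bin/sh
# Added illustration; names and heuristic are assumptions, not asn's own logic.

# Reads one hop address per line on stdin, in hop order ("???" = no reply).
# Prints "no-loop adjacent-repeats=N" or "loop ADDR hop=N first_seen=M".
classify_hops() {
    awk '
    NF == 0      { next }                 # ignore blank lines
                 { hop = NR }
    $1 == "???"  { next }                 # silent hop: nothing to compare
    $1 == prev   { repeats++; next }      # same responder twice in a row
    ($1 in seen) {                        # address returns after another hop
        printf "loop %s hop=%d first_seen=%d\n", $1, hop, seen[$1]
        found = 1
        exit
    }
                 { seen[$1] = hop; prev = $1 }
    END          { if (!found) printf "no-loop adjacent-repeats=%d\n", repeats + 0 }
    '
}

# Hops 1-8 from the mtr output quoted in the report above.
page_trace() {
    printf '%s\n' \
        fritz.box \
        dslb-084-059-211-001.084.059.pools.vodafone-ip.de \
        88.79.14.158 \
        88.79.15.124 \
        188.111.129.42 \
        145.254.2.209 \
        145.254.2.209 \
        de-str01c-rb01-be-1050.aorta.net
}

# Constructed sample (documentation addresses): two routers bouncing a packet.
looping_trace() {
    printf '%s\n' 192.0.2.1 192.0.2.2 192.0.2.1 192.0.2.2
}

printf 'page trace:    %s\n' "$(page_trace | classify_hops)"
printf 'looping trace: %s\n' "$(looping_trace | classify_hops)"
```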

Issue with obtaining v4 and v6 prefixes on MACOS

Hi nitefood,

Mac seems to have an issue grabbing prefixes both IPv4 and v6:

:~/repo/asn [master]% sw_vers
ProductName:		macOS
ProductVersion:		13.2.1
BuildVersion:		22D68
~/repo/asn [master]% git --no-pager log --oneline --no-decorate -1
f53ff33 IPv6 improvements (fixes #43) - improved host IPv6 detection reliability using ifconfig.co - improved host AS detection using RIPEStat for IPv6 and dual stack hosts - [server mode] switched default binding address to ::1 instead of 127.0.0.1 for IPv6 and dual stack hosts
~/repo/asn [master]% ./asn 5505

╭─────────────────────╮
│ ASN lookup for 5505 │
╰─────────────────────╯

 AS Number     ──> 5505
 AS Name       ──> VADAVO, ES
 Organization  ──>  (VDV-VLC-RED06 VDV-VLC-RED06 - CLIENTES TELECOM)
 Abuse contact ──> [email protected]
 AS Reg. date  ──> 2016-12-13 08:28:07
 Peering @IXPs ──> DE-CIX Madrid: DE-CIX Madrid Peering LAN • ESPANIX Madrid Lower LAN


╭──────────────────────────────────────────╮
│ BGP informations for AS5505 (VADAVO, ES) │
╰──────────────────────────────────────────╯

Retrieving prefix allocations and announcements for AS5505 (VADAVO, ES) (press CTRL-C to cancel)...zsh: killed     ./asn 5505

Seems to be an issue with how the connection to ripe is made, maybe?

~/repo/asn [master]% exec 85<>/dev/tcp/whois.ripe.net/43
zsh: no such file or directory: /dev/tcp/whois.ripe.net/43

~/repo/asn [master]% exec 3<>/dev/tcp/whois.ripe.net/43
zsh: no such file or directory: /dev/tcp/whois.ripe.net/43

screenshots

Just a placeholder issue to permalink screenshots from the repo README.

BGP informations not retrieved

Hi,

When I use the script to get information about an ASN, it appears that I don't receive BGP information and announced prefixes.

./asn 206610

────────────────────────────────────────────────────────────
WARNING

No IPQualityScore token found, so disabling in-depth threat
analysis and IP reputation lookups. Please visit
https://github.com/nitefood/asn#ip-reputation-api-token
for instructions on how to enable it.
────────────────────────────────────────────────────────────

╭───────────────────────╮
│ ASN lookup for 206610 │
╰───────────────────────╯

AS Number ──────> 206610
AS Name ────────> MIXVOIP, LU
Organization ───> Mixvoip S.A.
AS Reg. date ───> 2016-12-13 08:28:07
Peering @IXPs ──> DE-CIX Dusseldorf: DE-CIX Dusseldorf Peering LAN | DE-CIX Frankfurt: DE-CIX Frankfurt Peering LAN | ECIX-DUS | ECIX-FRA | France-IX Paris | LU-CIX

╭─────────────────────────────────────────────╮
│ BGP informations for AS206610 (MIXVOIP, LU) │
╰─────────────────────────────────────────────╯

Retrieving prefix allocations and announcements for AS206610 (MIXVOIP, LU) (press CTRL-C to cancel)...

╭────────────────────────────────────────────────────────────╮
│ Announced prefixes (aggregated) for AS206610 (MIXVOIP, LU) │
╰────────────────────────────────────────────────────────────╯

───── IPv4 ─────

NONE

───── IPv6 ─────

NONE

I've tested with many ASN and the result is the same.

I did not have this result a few days ago...

Could you help me to solve this issue?

Regards
