How to find out all IP ranges belonging to a certain AS?

networking internet ip provider

35,545

Solution 1

Ok, I just found one simple way. You just put this http://bgp.he.net/[ASXXX]#_prefixes in your browser, where [ASXXX] is a certain AS and a number like this http://bgp.he.net/AS714#_prefixes.

Solution 2

They're listed online with related details at http://ipinfo.io/AS714 (replace the ASN to get the equivalent details for any other ASN).

If instead of browsing them you'd rather grab them programmatically you can use the RADb whois server:

$ whois -h whois.radb.net -- '-i origin AS714' | grep -Eo "([0-9.]+){4}/[0-9]+" | head
17.108.0.0/16
17.106.0.0/15
17.102.0.0/16
17.207.0.0/16
17.216.0.0/16
17.250.48.0/24
17.252.65.0/24
192.35.50.0/24
17.148.0.0/14
17.86.0.0/17

Solution 3

For anyone else who finds this - I really liked Ben Dowling’s answer. However according to:

http://www.radb.net/support/query2.php

There is a different way which also yields very different results! I was testing a facebook IP which didn't come up in Bens' | head results. According to the above link the correct way of querying for IP4 addresses would be:

whois -h whois.radb.net '!gas714'

Equally as nice is the fact you can now find all IP6 addresses with:

whois -h whois.radb.net '!6as714'

As I say - when I ran this for the Facebook ASN I found my missing IP address.

Later update

Unfortunately Radb.net does not give out the correct data!! Try ASN 19281 for example and you'll see results given but if you simply whois radb.net with no parameters it will say “No records found.” It doesn't seem accurate enough IMHO.

Solution 4

I found that you can't really automate queries to bgp.he.net, I kept getting 403 responses, and then when I faked a user agent, it tried to verify that I was indeed a real browser. I kind of failed in everything with bgp.he.net (even contacting the site).

What DID work for me, was to query http://ipinfo.io as Ben Dowling said in another answer.

I did a python script to get every IP block per ASN. I had a list of every AS number in a csv file. here it is:

import requests
from bs4 import BeautifulSoup
import re


url_base = 'http://ipinfo.io/'
as_base = 'AS'

output = open('ip_per_asn.csv', 'w')
with open('chilean_asn.csv') as f:
    lines = f.read().splitlines()
    for asn in lines:
        ASN = as_base + asn
        page = requests.get(url_base+ASN)
        html_doc = page.content
        soup = BeautifulSoup(html_doc, 'html.parser')
        for link in soup.find_all('a'):
            if asn in link.get('href'):
                auxstring = '/'+as_base+asn+'/'
                line = re.sub(auxstring, '', link.get('href'))
                printstring = asn+','+line+'\n'
                if 'AS' not in printstring:
                    output.write(printstring)
        print asn+'\n'

print 'script finished'

That said, you can also use curl with ipinfo.io. Just try to be polite and don't make absurdly large queries to the servers.

Solution 5

An even easier way to get this information for say "19281" from: https://ipinfo.io/AS19281

grep with regex

ASN="19281"; curl -s https://ipinfo.io/AS${ASN} |grep -Eo "((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]).){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)" |sort -Vu

results:

[root@cpanel ~]# ASN="19281"; curl -s https://ipinfo.io/AS${ASN} |grep -Eo "((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]).){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)" |sort -Vu
9.9.9.0/24
149.112.112.0/24
149.112.149.0/24
199.249.255.0/24
[root@cpanel ~]#

For say Facebook: https://ipinfo.io/AS32934

can see how effective this method is.

[root@cpanel ~]# ASN="32934"; curl -s https://ipinfo.io/AS${ASN} |grep -Eo "((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]).){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)" |sort -Vu
31.13.24.0/21
31.13.64.0/18
31.13.64.0/19
31.13.64.0/24
31.13.65.0/24
31.13.66.0/24
31.13.67.0/24
31.13.70.0/24
31.13.71.0/24
31.13.72.0/24
31.13.73.0/24
31.13.74.0/24
31.13.76.0/24
31.13.77.0/24
31.13.80.0/24
31.13.81.0/24
31.13.82.0/24
31.13.83.0/24
31.13.84.0/24
31.13.85.0/24
31.13.86.0/24
31.13.87.0/24
31.13.89.0/24
31.13.92.0/24
31.13.93.0/24
31.13.94.0/24
31.13.96.0/19
45.64.40.0/22
66.220.144.0/20
66.220.144.0/21
66.220.152.0/21
69.63.176.0/20
69.63.176.0/21
69.171.224.0/19
69.171.224.0/20
69.171.240.0/20
69.171.250.0/24
74.119.76.0/22
102.132.96.0/20
102.132.96.0/24
103.4.96.0/22
129.134.0.0/17
129.134.25.0/24
129.134.26.0/24
129.134.27.0/24
129.134.28.0/24
129.134.29.0/24
129.134.30.0/23
129.134.30.0/24
129.134.31.0/24
157.240.0.0/17
157.240.1.0/24
157.240.2.0/24
157.240.3.0/24
157.240.6.0/24
157.240.7.0/24
157.240.8.0/24
157.240.9.0/24
157.240.10.0/24
157.240.11.0/24
157.240.12.0/24
157.240.13.0/24
157.240.14.0/24
157.240.17.0/24
157.240.18.0/24
157.240.19.0/24
157.240.20.0/24
157.240.21.0/24
157.240.22.0/24
157.240.26.0/24
157.240.27.0/24
157.240.28.0/24
157.240.29.0/24
157.240.30.0/24
157.240.192.0/18
157.240.193.0/24
157.240.194.0/24
157.240.195.0/24
157.240.196.0/24
157.240.197.0/24
157.240.199.0/24
157.240.200.0/24
157.240.201.0/24
157.240.203.0/24
157.240.204.0/24
157.240.206.0/24
157.240.207.0/24
157.240.209.0/24
157.240.210.0/24
157.240.212.0/24
157.240.215.0/24
157.240.216.0/24
157.240.217.0/24
157.240.218.0/24
157.240.220.0/24
157.240.221.0/24
157.240.222.0/24
157.240.223.0/24
173.252.64.0/19
173.252.88.0/21
173.252.96.0/19
179.60.192.0/22
179.60.192.0/24
179.60.193.0/24
179.60.194.0/24
179.60.195.0/24
185.60.216.0/22
185.60.216.0/24
185.60.217.0/24
185.60.218.0/24
185.60.219.0/24
185.89.218.0/23
185.89.218.0/24
185.89.219.0/24
204.15.20.0/22
[root@cpanel ~]#

Hope this helps someone out.

View more solutions

35,545

JohnnyFromBF

Updated on September 18, 2022

Comments

JohnnyFromBF over 1 year

I want to know what IP ranges are belonging for example to the AS714.

How do I get this information?

I know how to do the reverse way, which is easy with whois. But the other way doesn't seem to be that easy.
- Admin about 12 years
  
  Do you want IP address ranges that originate on this AS? (Direct customers who don't have an AS) What about IP address ranges only reachable through this AS? (Customers that have their own AS.) What about IP address ranges reachable through this AS but also other provider ASes? (Multihomed customers.)
- Admin about 12 years
  
  The purpose was to find out all the IP ranges my provider owns. I got this info by visiting bgp.potaroo.net/as1221/asnames.txt in order to find out the AS number and ripe.net/data-tools/stats/ris/routing-information-service in order to get all the IP ranges through the prefixes tab. Do you know other possibilities?
Hvisage almost 6 years

This method does have some troubles with long lists, like Facebook's ie. whois -h whois.radb.net -- '!6as32934' that gets "clipped" with a new-line in the middle of the addresses
Hvisage almost 6 years

which means you should rather use nc, as in: echo '!6as32934'|nc whois.radb.net 43
Jari Turkia almost 6 years

Thank you for this answer. Now I can create SMTP blocking lists for abusive hosting providers easily.
Giacomo1968 about 5 years

For reference, these other routing registries should work as well.