AS & IP Lookup

whois -h whois.ripe.net -T as-set AS-SET-NAME
whois -h whois.ripe.net -T route 1.1.1.0/24
for ASN in `whois -h whois.ripe.net -T as-set AS-UPDATA | grep members`; do whois -h whois.ripe.net -T route -i origin $ASN | grep route: | awk '{print $2}'; done
for ASN in `whois -h whois.ripe.net -T as-set AS-UPDATA | grep members`; do whois -h whois.ripe.net -T route6 -i origin $ASN | grep route6: | awk '{print $2}'; done
whois -h filtergen.level3.net RIPE::AS51551
whois -h filtergen.level3.net RIPE::AS-UPDATA

iplookup.sh

#!/bin/bash

echo "Seaching for $1"

# Find the RIR for this IP/Block and get the whois output
RIR=`whois -h whois.iana.org $1 | grep whois: | awk {'print $2'}`
if [ "$RIR" == "" ]
then

    #Sometimes need to grep for "refer:" here instead
    RIR=`whois -h whois.iana.org $1 | grep refer: | awk {'print $2'}`
    if [ "$RIR" == "" ]
    then
        echo "Couldn't find RIR"
        exit 1
    fi

fi

echo "RIR: $RIR"
WHOIS_INFO=`whois -h $RIR $1`


# Check if this is a legacy IP assignment
STATUS=`whois -h whois.iana.org $1 | grep status: | awk '{print $2}'`
if [ "$STATUS" == "LEGACY" ]
then
    echo "LEGACY ASSIGNMENT!"
fi

#  A little over the top I guess but the second line of each variable is to strip
#  out surrounding white space so the output is a little neater
range=`echo "$WHOIS_INFO" | grep inetnum: | awk -F ":" '{print $2}'`
range=`echo ${range#"${x%%[![:space:]]*}"}`
org=`echo "$WHOIS_INFO" | grep organisation: | awk -F ":" '{print $2}'`
org=`echo ${org#"${x%%[![:space:]]*}"}`
desc=`echo "$WHOIS_INFO" | grep -m 1 descr: | awk -F ":" '{print $2}'`
desc=`echo ${desc#"${x%%[![:space:]]*}"}`
net=`echo "$WHOIS_INFO" | grep -m 1 netname: | awk -F ":" '{print $2}'`
net=`echo ${net#"${x%%[![:space:]]*}"}`

if [ "$range" == "" ] && [ "$org" == "" ] && [ "$desc" == "" ] && [ "$net" == "" ]
then
    echo "NO INFO FOUND!"
    whois -h whois.iana.org $1 | grep -v ^# | grep -v ^$ | grep -v ^%
    exit 1
fi


echo "IP Range: $range"
echo "Organisation: $org"
echo "Description: $desc"
echo "Network Name: $net"

# Get the origin AS from the RIR
ORIGIN="`echo "$WHOIS_INFO" | grep -m 1 origin: | awk '{print $2}'`"
# Make sure an origin is given in the whois output
if [ "$ORIGIN" == "" ]
then
    echo "No origin in whois record"
    exit 1
fi

echo "Origin: $ORIGIN"


# Also get the AS name from the RIR
ASName=`whois -h $RIR $ORIGIN | grep -m 1 as-name: | awk '{print $2}'`
echo "AS Name: $ASName"

echo "Lookup AS exports? (y to accept)"
read answer
if [ "$answer" = "y" ]
then
    ./aslookup.sh $ORIGIN
fi

aslookup.sh

#!/bin/bash

echo "Seaching for $1"

#Sometimes need to grep for "refer:" here instead
RIR=`whois -h whois.iana.org $1 | grep whois: | awk {'print $2'}`
if [ "$RIR" == "" ]
then

    RIR=`whois -h whois.iana.org $1 | grep refer: | awk {'print $2'}`

    if [ "$RIR" == "" ]
    then
        echo "Couldn't find RIR"
        exit 1
    fi

fi

echo "RIR: $RIR"


#Try and grab the name of the AS given
Name=`whois -h $RIR $1 | grep as-name | awk {'print $2'}`
if [ "$Name" = "" ]
then

    #Different whois DBs and their users, use differnt tags
    Name=`whois -h $RIR $1 | grep "ASName:" | awk {'print $2'}`
    if [ "$Name" = "" ]
    then
        Name="Couldn't find name, did you put \"AS1234\" and not just \"1234\"?"
    fi

fi

echo -e "Name: $Name\n"


echo "AS exports:"
#Not everyone reliably publishes their export/import values

ASExports=`whois -h $RIR $1 | grep export | awk {'print $3'}`
if [ `echo "${#ASExports}"` -eq 0 ]
then
        echo "[no exports published in whois info]"
else
    for ASNum in $ASExports
    do
        AS_RIR=`whois -h whois.iana.org $ASNum | grep whois: | awk {'print $2'}`
        ASName=`whois -h $AS_RIR $ASNum | grep "as-name" | awk {'print $2'}`
        if [ "$ASName" = "" ]
        then
             ASName=`whois -h $AS_RIR $ASNum | grep "ASName:" $ASInfo | awk {'print $2'}`
        fi
        echo "$ASNum $ASName"
    done
fi

echo "AS imports:"
ASImports=`whois -h $RIR $1 | grep import | awk {'print $3'}`
if [ `echo "${#ASImports}"` -eq 0 ]
then
        echo "[no imports published in whois info]"
else
    for ASNum in $ASImports
    do
        AS_RIR=`whois -h whois.iana.org $ASNum | grep whois: | awk {'print $2'}`
        ASName=`whois -h $AS_RIR $ASNum | grep "as-name" | awk {'print $2'}`
        if [ "$ASName" = "" ]
        then
             ASName=`whois -h $AS_RIR $ASNum | grep "ASName:" $ASInfo | awk {'print $2'}`
        fi
        echo "$ASNum $ASName"
    done
fi