IP to ASN mapping algorithm

Question

Is there no easy way to map a given IP adress to the corresponding ASN number? For example:

ping to find out the IP adress:

$ ping www.switch.ch
PING aslan.switch.ch (130.59.108.36) 56(84) bytes of data.

whois lookup for the ASN number:

$ whois -h whois.cymru.com -v 130.59.108.36
Warning: RIPE flags used with a traditional server.
AS      | IP               | BGP Prefix          | CC | Registry | Allocated  | AS Name
559     | 130.59.108.36    | 130.59.0.0/16       | CH | ripencc  | 1993-09-22 | SWITCH SWITCH, Swiss Education and Research Network

So the mapping in this case would be 130.59.108.36 (IP)-> 559 (ASN). Easy. But what if I would like to create my own local mapping service with the public available information from the Regional Internet Registries? So, for the above example, it would be this list, right?

ftp://ftp.ripe.net/pub/stats/ripencc/delegated-ripencc-latest

And to find the matching entrie is also not a problem:

ripencc|CH|ipv4|130.59.0.0|65536|19930922|assigned

But how do I get the ASN number from the line above?? How are those two informations linked together?

ripencc|EU|asn|559|1|19930901|allocated

Thanks in advance for a reply!

Answer 1

I explain how to do this here: https://www.quaxio.com/bgp/ (formerly at https://alokmenghrajani.github.io/bgp/)

It basically involves downloading a dump from a router and then using an efficient data representation to map an IP address to a netmask.

Answer 2

I'd propose doing this based on MRT dumps collected from an actual BGP speaker.

There is this python library f.e. that can be used to easily parse MRT dumps: http://code.google.com/p/pyasn/

If you're not able to run your own BGP speaker, you can download dumps at http://archive.routeviews.org/

Make sure you checkout their other stuff too. They provide also DNS zonefiles that would enable you to do such lookups using a standard DNS server such as Bind or NSD: http://archive.routeviews.org/dnszones/

I hope that gets you started...