0

Given an arbitrary IP address (registrar not known at this point), what's the easiest or most efficient way to look up the end-user CIDR to which it "belongs", and basic information about that IP block (such as registered name of owner).

I'm looking for this kind of function:

EXAMPLE INPUT:  
  $parent = get_parent_range_info('195.122.169.15');

DESIRED OUTPUT is an array that contains:

  End-user IP range it 'belongs' to =  195.122.169.0 - 195.122.169.63 (195.122.169.0/26)
  Range's registered netname = KASPERSKY-LAB

  [And other info if possible, eg:]

  descr:           BBLZ9143
  country:         DE
  changed:         ipan@level3.com 20101101
  person:          Sudakov Andrey
  address:         10/1 1st Volokolamsky Proezd
  address:         123060 Moscow,
  address:         Russia
  phone:           +79 030049180
  nic-hdl:         SA7294-RIPE
  e-mail:          unixadm@kaspersky.com
  notify:          unixadm@kaspersky.com
  mnt-by:          LEVEL3-MNT
  changed:         greg.farrell@level3.com 20101101

The info used in this example can be seen by entering IP at: https://apps.db.ripe.net/search/query.html . Other registrars have similar lookups on their websites.

The platform is PHP, with full access to shell "exec()" commands if easier.

I can see most registrars can provide this information (as XML or JSON), often through their website's API, and some *nix commands and perhaps PHP commands can intelligently work out which registrar handles an IP and discover some lookup information automatically. The few commands I know like whois, dig, host etc on *nix don't seem to provide this kind of information though.

How can I do it?

Stilez
  • 558
  • 5
  • 14
  • You could try [php-whois](https://github.com/regru/php-whois) – Jordan Doyle Feb 19 '14 at 23:22
  • **@Dagon** - Yes, "they" (RIPE) do. But there are many registrars, many APIs, which may change in future too - writing my own code to check one or all third party APIs is futile. The question is whether a command or function exists that automates it so that I can give an IP and "it just looks it up for me". Essentially a bit like `whois` or `host -av` in shell, where the end user doesn't need to know the details, or know the registrar, or call a third party API themselves. – Stilez Feb 19 '14 at 23:25
  • **@Jordan Doyle** - Not a bad, hadn't heard of that one, but sadly it does not address the need. That class starts from a resolved domain name and doesn't handle a raw IP, raw IPs may not have a reverse DNS lookup in `gethostbyaddress()` to pass to it. I also need to be sure it doesn't have issues with reuse in my code. – Stilez Feb 19 '14 at 23:49
  • @Stilez, no there is only 5 RIRs and this is not about to change anytime soon. Their format is stable and mostly close. Even better: they use RDAP now. You are in the "simple" case of IP registries not domain name registries. In the later case you will indeed need to handle thousands of registrars and hundreds of formats. – Patrick Mevzek Jan 08 '18 at 18:37

0 Answers0