asn - ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / ASPath / Organization / IP reputation lookup

       Project author: nitefood <nitefood0@gmail.com>

       This manpage was created by Marcos Rodrigues de Carvalho (aka oday) <marcosrcarvalho42@gmail.com>

0.77.0                                              July 2024                                             ASN(1)

       ASN is a tool for performing various lookup operations related to ASN (Autonomous  System  Number),  RPKI
       validity, BGP statistics, IPv4/v6 addresses, prefixes, ASPaths, organizations, and IP reputations.

       Example server usage:

       asn-l (starts server on default IP(v4/v6):PORT)

       asn-l0.0.0.0--allow192.168.0.0/24,192.168.1.0/24,192.168.2.245  (binds  to  all  available   IPv4
       interfaces on the default port, allowing only connections from the three specified subnets)

       asn-l::2222--allow2001:DB8::/32 (binds to all available IPv6 interfaces on port 2222, allowing only
       connections from the specified prefix)

       asn-v-l0.0.0.0--allowfile~/goodips.txt-m5 (verbose mode, bind  to  all  IPv4  interfaces,  use  an
       allowfile with allowed addresses, accept a maximum of 5 concurrent connections)

       asn  -  ASN  / RPKI validity / BGP stats / IPv4v6 / Prefix / ASPath / Organization / IP reputation lookup
       tool

       Every option in server mode (after -l) is passed directly to the ncat listener. Refer  to  manncat  for
       more  details  on the available commands. Unless specified, the default IP:PORT values of 127.0.0.1:49200
       (for IPv4) or [::1]:49200 (for IPv6) will be used (e.g., 'asn -l').

-t(enabletrace)
              Enable AS path trace to the TARGET (this is the default behavior)

       -n(notrace|noadditionalINETNUMlookups)
              Disable tracing the AS path to the TARGET (for IP targets) or
              Disable  additional  (unannounced  / announced by other AS) INETNUM lookups for the TARGET (for AS
              targets)

       -d(detailed) Output detailed hop info during the AS path trace to the TARGET
              This option also enables RPKI validation/BGP hijacking detection for every hop

       -a(ASNSuggest)
              Lookup AS names and numbers matching TARGET-u(Transit/Upstreamlookup)
              Inspect  BGP  updates  and  ASPATHs  for  the  TARGET   address/prefix   and   identify   possible
              transit/upstream autonomous systems

       -c(CountryCIDR)
              Lookup all IPv4/v6 CIDR blocks allocated to the TARGET country

       -g(BulkGeolocate)
              Geolocate all IPv4/v6 addresses passed as TARGET
              This mode supports multiple targets, stdin input and IP extraction from input, e.g.
              asn-g</var/log/apache2/error.log or echo1.1.1.12.2.2.2|asn-g-s(Shodanscan)
              Query Shodan's InternetDB for CVE/CPE/Tags/Ports/Hostnames data about TARGET
              This mode supports multiple targets and stdin input, e.g.
              asn-s<iplist or echo1.1.1.0/24google.com|asn-s-o(organizationsearch)
              Force TARGET to be treated as an Organization Name

       -m(monochromeoutput)
              Disable colored output

       -v(verbose)
              Enable (and log to $HOME/asndebug.log) debug messages (URLs being queried and variable names being
              assigned)
              API call response data (i.e. the JSON output) is logged to the logfile.

       -j(compactJSONoutput)
              Set output to compact JSON mode (ideal for machine parsing)

       -J(pretty-printedJSONoutput)
              Set output to pretty-printed JSON mode

       -h(help)
              Show this help screen

       -l(lookupserver)
              Launch the script in server mode. See SERVEROPTIONS below

       To   file   a   bug   report  or  feature  request,  please  open  an  issue  on  the  project  homepage:
       https://github.com/nitefood/asn

BIND_ADDRESS
              IP address (v4/v6) to bind the listening server to (e.g., 'asn -l 0.0.0.0').
              Default value: 127.0.0.1(IPv4)or::1(IPv6).BIND_PORT
              TCP Port to bind the listening server to (e.g., 'asn -l 12345').
              Default value: 49200.BIND_ADDRESSBIND_PORT
              IP address and port to bind the listening server to (e.g., 'asn -l ::1 12345').

       -v(verbose)
              Enable verbose output and debug messages in server mode.

       --allow host[,host,...]
              Allow only given hosts to connect to the server.

       --allowfile file
              A file of hosts allowed to connect to the server.

       --deny host[,host,...]
              Deny given hosts from connecting to the server.

       --denyfile file
              A file of hosts denied from connecting to the server.

       -m, --max-conns <n>
              The maximum number of simultaneous connections accepted by the server. 100 is the default.

asn [OPTIONS] [TARGET]
       asn [-v] -l [SERVEROPTIONS]

<ASNumber>
              Lookup matching ASN and BGP announcements/neighbours data.

       <IPv4/IPv6>
              Lookup matching route(4/6), IP reputation, and ASN data.

       <Prefix>
              Lookup matching ASN data.

       <host.name.tld>
              Lookup matching IP, route, and ASN data. Supports multiple IPs - e.g. DNS RR.

       <URL>  Extract  hostname/IP  from  the  URL  and lookup relative data. Supports any protocol prefix, non-
              standard ports, and prepended credentials.

       <OrganizationName>
              Search by company name and lookup network ranges exported by (or related to) the company.