Closed ewongbb closed 4 years ago
It does seem like Cymru's data is out of date. Here is a note on their ASN service:
The country code, registry, and allocation date are all based on data obtained directly from the regional registries including: ARIN, RIPE, AFRINIC, APNIC, LACNIC. The information returned relating to these categories will only be as accurate as the data present in the RIR databases.
IMPORTANT NOTE: Country codes are likely to vary significantly from actual IP locations, and we must strongly advise that the IP to ASN mapping tool not be used as an IP geolocation (GeoIP) service.
I will document this. It should be recommended to prioritize the RDAP/Whois data results over the ASN results.
I was looking up 212.70.149.4 with the following code:
tmp = IPWhois('212.70.149.4').lookup_rdap()
the resulting info: { "nir": null, "asn_registry": "ripencc", "asn": "208410", "asn_cidr": "212.70.149.0/24", "asn_country_code": "BG", "asn_date": "2007-12-04", "asn_description": "INTERNET-HOSTING, BG", "query": "212.70.149.4", "network": { "handle": "212.70.149.0 - 212.70.149.255", "status": null, ...
When I use ripe.net's own lookup, I get:
The asn_country_code is returned as "BG". But with RIPENET's return it's GB.
Going through the code, I think it's something from net.py's get_asn_dns() though I think it isn't ipwhois but whatever's being returned from the line "data = self.dns_resolver.query(self.dns_zone, 'TXT')" doing this manually I get the following results:
4.149.70.212.origin.asn.cymru.com. 14400 IN TXT "208410 | 212.70.149.0/24 | BG | ripencc | 2007-12-04"
So while this isn't something about ipwhois, it's something to keep in mind for those using ipwhois.