You are here: Home > Manage IPs and ASNs > RIPE Database > Database Support > Querying the RIPE Database

Querying the RIPE Database

1. Introduction

2. Query Basics 

3. Query Methods for the RIPE Database

4. Query Multiple Databases with the Global Resource Service

5. Advanced Queries

1. Introduction

The RIPE Database contains records of:

    • Allocations and assignments of IP address space
    • Assignments of Autonomous System Numbers (AS Numbers)
    • Reverse DNS registrations 
    • Contact information
    • Routing policy information (in the Internet Routing Registry)

Some of this information is entered by the RIPE NCC, such as the IP address allocations and AS Number assignments that were given to a certain resource holder. Other information is entered by resource holders themselves, such as customer assignments, reverse DNS, routing and contact information.

People who want to query for this information have several options available to them, varying from a web interface to a command line tool, as well as a RESTful API. There are several ways in which you can influence the scope of your search. For example, you can query for a specific record identifier, do a free-text search, or perform a query that includes results from whois databases run by other Regional Internet Registries. This document will outline which query method will give you the best results.

2. Query Basics

The RIPE Database stores all information in records known as objects. These are blocks of text in a standard notation defined in the Routing Policy Specification Language (RPSL). An object has multiple fields, called attributes or keys, that each have a value. Here is an example of a person object, which describes an individual who has a certain responsibility, such as administrative or technical contact.

person:        Axel Pawlik
address: RIPE Network Coordination Centre (NCC)
address: Stationsplein 11
address: NL-1012 AB Amsterdam
address: Netherlands
phone: +31 20 535 4444
fax-no: +31 20 535 4445
nic-hdl: AP110-RIPE
mnt-by: RIPE-NCC-HM-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2017-02-10T16:09:59Z
source: RIPE

The formatted object in this example is created according to a template. There is a specific template for each object. Users have to stick to the template, as well as the syntax rules for each value, when creating an object in the RIPE Database. Here is the template for the person object.

person:        [mandatory] [single]   [lookup key]
address: [mandatory] [multiple] [ ]
phone: [mandatory] [multiple] [ ]
fax-no: [optional] [multiple] [ ]
e-mail: [optional] [multiple] [lookup key]
org: [optional] [multiple] [inverse key]
nic-hdl: [mandatory] [single] [primary/lookup key]
remarks: [optional] [multiple] [ ]
notify: [optional] [multiple] [inverse key]
abuse-mailbox: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
created: [generated] [single] [ ]
last-modified: [generated] [single] [ ]
source: [mandatory] [single] [ ]

Every attribute is marked as mandatory, optional, or whether the value is generated by the RIPE Database server. In addition, there is an indication if the attribute can only appear a single time, or if you can use it multiple times in the object. Finally, some attributes are flagged with a search key, which can be:

    1. a primary key
    2. a lookup key
    3. an inverse key

The primary key is a unique identifier within a set of objects of the same type. In the case of the person object, the "nic-hdl:" is the only attribute you can be sure won't appear in any other person object (unlike the "person:" attribute with the person's name). Thus, in this example, searching for "Axel Pawlik" might give you multiple results, but searching for "AP110-RIPE" will give you only one.

The lookup key is simply an attribute that is indexed, meaning that you can search for it. An inverse key allows you to search for all objects that reference that particular attribute value, which means you can for example do a query for 'all objects that have this specific "mnt-by:" value'. You can find more more details and examples in the Advanced Queries section.

The primary, lookup and inverse key are paramount to keep in mind when querying the RIPE Database, because only these attributes are searchable. This means that when looking for a specific person object, you can find it by querying for the value in the "person:", "email:" or "nic-hdl:" attribute, but not by the looking for the "address:" or "phone:" value. Lastly, you can only do inverse queries on some attributes.

Please note that when searching for resources such as an IP address block or AS Number, contact information from related objects will automatically be returned as well. You can only query for a limited amount of personal information every day. After reaching that limit, you will be blocked from making further queries. To disable automatic queries for personal information, please use the "-r" flag, as explained in the Advanced Queries section.

Using Full Text Search

If you are looking for a specific piece of information and you don't know one of the values required to find what you are looking for, you may consider using the Full Text Search instead of doing a standard query. Full Text Search treats the entire database as a flat text file and allows you to search for anything. The search is done on object text without regard for any relationships. As such, results may be very unstructured, but it can provide a good starting point for more specific standard queries later on. Keep in mind that Full Text Search is only available on the RIPE NCC website and not in other methods to query the RIPE Database.

3. Query Methods for the RIPE Database

There are four different ways to query the RIPE Database:

    • Using the web interface on the RIPE NCC website
    • Using telnet on port 43
    • Using a whois client, included in most UNIX-like distributions
    • Using the RESTful API

The web interface

For most use cases, the web interface provides a straightforward way to perform a RIPE Database query. With a simple check mark or radio button, you can easily broaden your search to include other databases, or narrow it down to only query for certain object types. If needed, you can switch to Full Text Search with a single click.

telnet on port 43

For users who prefer to query from the command line, you can open a telnet session to whois.ripe.net on port 43 and perform your query. After the result is returned the connection is automatically closed, unless you tell the RIPE Database to keep it open by using the "-k" flag.

A whois client

Alternatively, most UNIX-like operating systems are shipped with a whois client. These often add additional functionality and flexibility, but should be used with care. This is because the whois client itself accepts flags, but so does the RIPE Database. In addition, not every flag in every whois client implementation has the same meaning, for example in Linux versus BSD-based distributions. To ensure proper flag usage, refer to the man pages of your whois client.

The RESTful API

The RIPE Database also offers a RESTful API, which returns results in XML or JSON format. Your client should specify the desired response format using the Accept: header in the HTTP request or append an extension of .xml or .json to the request URL. The server will return a response in the appropriate format for that given extension. If the request fails, any error messages will be returned in the response body.

The URL for accessing the RESTful service is: 

    • https://rest.db.ripe.net/ripe

The full documentation for the RESTful API is available on Github.

4. Query Multiple Databases with the Global Resource Service

The RIPE Database only contains information related to IP addresses and ASNs that are managed by the RIPE NCC. So if you are querying for any random IP address that you would like more information on, you may get a specific result if the range is managed by the RIPE NCC, or you may find a generic placeholder that says the IP address belongs to a range managed by another Regional Internet Registry (RIR).

The RIPE NCC operates mirrors of the other RIRs' databases as well as some of the major routing registries, known as the Global Resource Service (GRS). When enabling GRS, you can query for any resource and get an authoritative response from the appropriate source, which in addition to the RIPE Database includes:

    • AFRINIC
    • APNIC
    • ARIN
    • LACNIC
    • JPIRR
    • RADB

Because the RIPE NCC is bound by Dutch and European data privacy laws, we are obliged to remove all personal data received from other databases. This is either removed at the source or stripped out and deleted during the transformation process. The RIPE NCC does not store any personal data from other registries. Where necessary, we create and reference dummy objects to keep data integrity intact.

Before importing the data we transform objects into RIPE RPSL syntax by carrying out the following steps:

    • Adding missing mandatory attributes
    • Wrapping unrecognised attributes with "remarks"
    • Creating dummy objects for missing data to keep referential integrity
    • Converting attribute values
    • All these transformations are marked by "End Of Line" comments in the objects

To use GRS from the web interface, select the appropriate radio button below the search box. When using telnet or the whois command line client, add the "--resource" flag to your query to query only the dummified GRS databases, or the "-a" flag to query all available databases, i.e. GRS sources and the original RIPE Database combined.

Using the API, you can specify one or multiple GRS source names as parameters, e.g. "source=arin-grs" or "source=arin-grs&source=apnic-grs". For more information, please refer to the documentation on Github.

5. Advanced Queries

By default, when you perform a query all object types and lookup keys are searched for. In many cases you will want to look for more specific information, which can be achieved by selecting the appropriate check box or radio button in the web interface, or by adding a specific flag to the search query.

IP address queries

When doing IP address lookups, you may want to see ranges that are more or less specific than your query to get a better understanding of the relationship between the ranges. Here is an overview of the most common flags. The full list can be found in the Query Reference Manual.

Inverse queries

Inverse queries request all objects to be returned that reference the specified query argument in the attribute(s) specified in the query flag arguments. For example, it will allow you to find all objects in which a certain person is the administrative contact (admin-c), or it will allow you to find all route objects in which a certain ASN is referenced as the "origin:" attribute. Here is an overview of the most common inverse query flags. The full list can be found in the Query Reference Manual.

 

In the web interface, there is a separate tab that allows you to do inverse queries. Here is an example of the notation in the command line interface.

Miscellaneous 

 

For a full overview of all query types and flags, please refer to the Query Reference Manual.