RIPE NCC PGP Key Policy

Key Validity

RIPE NCC keys are used for one year, with the changeover taking place in January. The keys are named RIPE NCC <ncc _at_ ripe _dot_ net>.

The latest RIPE NCC PGP key is available for download.

  • We publish new keys each year in December
  • They are available from a secure website, on public key servers, and are distributed in a mail signed with the old key
  • We start using the new key in January, and after this point no emails will be sent using the old key
  • The old key expires in February, 15 months after creation

Getting the Key

You can get the current (2013) RIPE NCC key from a secure area on our website.

You should verify that the server certificate belongs to the RIPE NCC. The key published is signed by the Managing Director, the Chief Technical Officer and last year's RIPE NCC key.

The RIPE NCC key is also be published on public PGP servers.

PGP users can use their own PGP web of trust to verify and optionally sign the RIPE NCC key.

Emergency Procedure

If our private key is destroyed or compromised, we initiate an immediate key rollover . The new key is signed by the RIPE NCC Managing Director and the Chief Technical Officer.

Further Information

  • The RIPE NCC key is also be published on public PGP servers.
  • PGP users can use their own PGP web of trust to verify and optionally sign the RIPE NCC key.