Hi,
A realistic solution to this issue is not to have to move the NCC (except in really extreme circumstances); a solution could be to have a distributed trust-root (maybe the other RIRs, maybe trusted 3rd parties or a combination thereof). An operator can then choose to trust some, but not other, roots (or accept a majority decision). The important feature is that there is no single point where an attack succeeds. This avoids the fatal flaw that a single trust-root implementation represents and, to an extent, preserves the distributed nature of the DFZ. Indeed, this would remove my *only* point of contention.
How would other parties get the certainty that they are issuing the certificates to the correct holder? The RIPE NCC is the single root of the address space managed by them. The NCC has contractual relationships with the holders etc. How would a third party be able to reliably certify that?
Cheers,
Sander