diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
index d60943b1..71093fe4 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
@@ -197,7 +197,7 @@ class EncryptionOptions(private val purpose: EncryptionPurpose) {
             encryptionKeySelector.selectEncryptionSubkeys(
                 info.getEncryptionSubkeys(userId, purpose))
         if (subkeys.isEmpty()) {
-            throw UnacceptableEncryptionKeyException(OpenPgpFingerprint.of(cert.pgpPublicKeyRing))
+            throw UnacceptableEncryptionKeyException(OpenPgpFingerprint.of(cert))
         }
 
         for (subkey in subkeys) {
@@ -296,12 +296,12 @@ class EncryptionOptions(private val purpose: EncryptionPurpose) {
                 info.primaryKeyExpirationDate
             } catch (e: NoSuchElementException) {
                 throw UnacceptableSelfSignatureException(
-                    OpenPgpFingerprint.of(cert.pgpPublicKeyRing))
+                    OpenPgpFingerprint.of(cert))
             }
 
         if (primaryKeyExpiration != null && primaryKeyExpiration < evaluationDate) {
             throw ExpiredKeyException(
-                OpenPgpFingerprint.of(cert.pgpPublicKeyRing), primaryKeyExpiration)
+                OpenPgpFingerprint.of(cert), primaryKeyExpiration)
         }
 
         var encryptionSubkeys = selector.selectEncryptionSubkeys(info.getEncryptionSubkeys(purpose))
@@ -318,7 +318,7 @@ class EncryptionOptions(private val purpose: EncryptionPurpose) {
         }
 
         if (encryptionSubkeys.isEmpty()) {
-            throw UnacceptableEncryptionKeyException(OpenPgpFingerprint.of(cert.pgpPublicKeyRing))
+            throw UnacceptableEncryptionKeyException(OpenPgpFingerprint.of(cert))
         }
 
         for (subkey in encryptionSubkeys) {
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt
index 6e9ca8a5..41b9a448 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt
@@ -149,7 +149,7 @@ class SigningOptions {
         val keyRingInfo = inspectKeyRing(signingKey, evaluationDate)
         if (userId != null && !keyRingInfo.isUserIdValid(userId)) {
             throw UnboundUserIdException(
-                of(signingKey.pgpSecretKeyRing),
+                of(signingKey),
                 userId.toString(),
                 keyRingInfo.getLatestUserIdCertification(userId),
                 keyRingInfo.getUserIdRevocation(userId))
@@ -157,14 +157,14 @@ class SigningOptions {
 
         val signingPubKeys = keyRingInfo.signingSubkeys
         if (signingPubKeys.isEmpty()) {
-            throw UnacceptableSigningKeyException(of(signingKey.pgpSecretKeyRing))
+            throw UnacceptableSigningKeyException(of(signingKey))
         }
 
         for (signingPubKey in signingPubKeys) {
             val signingSecKey: OpenPGPSecretKey =
                 signingKey.getSecretKey(signingPubKey)
                     ?: throw MissingSecretKeyException(
-                        of(signingKey.pgpSecretKeyRing), signingPubKey.keyIdentifier.keyId)
+                        of(signingKey), signingPubKey.keyIdentifier.keyId)
             val signingPrivKey: OpenPGPPrivateKey =
                 unlockSecretKey(signingSecKey, signingKeyProtector)
             val hashAlgorithms =
@@ -220,12 +220,12 @@ class SigningOptions {
         val keyRingInfo = inspectKeyRing(openPGPKey, evaluationDate)
         val signingPubKeys = keyRingInfo.signingSubkeys
         if (signingPubKeys.isEmpty()) {
-            throw UnacceptableSigningKeyException(of(openPGPKey.pgpSecretKeyRing))
+            throw UnacceptableSigningKeyException(of(openPGPKey))
         }
 
         if (!signingPubKeys.any { it.keyIdentifier.matches(signingKey.keyIdentifier) }) {
             throw MissingSecretKeyException(
-                of(openPGPKey.pgpSecretKeyRing), signingKey.keyIdentifier.keyId)
+                of(openPGPKey), signingKey.keyIdentifier.keyId)
         }
 
         val signingPrivKey = unlockSecretKey(signingKey, signingKeyProtector)
@@ -324,7 +324,7 @@ class SigningOptions {
         val keyRingInfo = inspectKeyRing(signingKey, evaluationDate)
         if (userId != null && !keyRingInfo.isUserIdValid(userId)) {
             throw UnboundUserIdException(
-                of(signingKey.pgpSecretKeyRing),
+                of(signingKey),
                 userId.toString(),
                 keyRingInfo.getLatestUserIdCertification(userId),
                 keyRingInfo.getUserIdRevocation(userId))
@@ -332,14 +332,14 @@ class SigningOptions {
 
         val signingPubKeys = keyRingInfo.signingSubkeys
         if (signingPubKeys.isEmpty()) {
-            throw UnacceptableSigningKeyException(of(signingKey.pgpSecretKeyRing))
+            throw UnacceptableSigningKeyException(of(signingKey))
         }
 
         for (signingPubKey in signingPubKeys) {
             val signingSecKey: OpenPGPSecretKey =
                 signingKey.getSecretKey(signingPubKey.keyIdentifier)
                     ?: throw MissingSecretKeyException(
-                        of(signingKey.pgpSecretKeyRing), signingPubKey.keyIdentifier.keyId)
+                        of(signingKey), signingPubKey.keyIdentifier.keyId)
             addDetachedSignature(
                 signingKeyProtector, signingSecKey, userId, signatureType, subpacketCallback)
         }
@@ -443,7 +443,7 @@ class SigningOptions {
         if (!getPolicy().publicKeyAlgorithmPolicy.isAcceptable(publicKeyAlgorithm, bitStrength)) {
             throw UnacceptableSigningKeyException(
                 PublicKeyAlgorithmPolicyException(
-                    of(signingKey.secretKey.pgpSecretKey),
+                    of(signingKey),
                     signingSecretKey.keyID,
                     publicKeyAlgorithm,
                     bitStrength))
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/OpenPgpFingerprint.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/OpenPgpFingerprint.kt
index 679df490..5352e67e 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/OpenPgpFingerprint.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/OpenPgpFingerprint.kt
@@ -9,6 +9,9 @@ import org.bouncycastle.bcpg.KeyIdentifier
 import org.bouncycastle.openpgp.PGPKeyRing
 import org.bouncycastle.openpgp.PGPPublicKey
 import org.bouncycastle.openpgp.PGPSecretKey
+import org.bouncycastle.openpgp.api.OpenPGPCertificate
+import org.bouncycastle.openpgp.api.OpenPGPCertificate.OpenPGPComponentKey
+import org.bouncycastle.openpgp.api.OpenPGPKey.OpenPGPPrivateKey
 import org.bouncycastle.util.encoders.Hex
 
 /** Abstract super class of different version OpenPGP fingerprints. */
@@ -129,6 +132,18 @@ abstract class OpenPgpFingerprint : CharSequence, Comparable<OpenPgpFingerprint>
          */
         @JvmStatic fun of(keys: PGPKeyRing): OpenPgpFingerprint = of(keys.publicKey)
 
+        /**
+         * Return the [OpenPgpFingerprint] of the primary key of the given [OpenPGPCertificate].
+         */
+        @JvmStatic fun of(cert: OpenPGPCertificate): OpenPgpFingerprint = of(cert.pgpPublicKeyRing)
+
+        /**
+         * Return the [OpenPgpFingerprint] of the given [OpenPGPComponentKey].
+         */
+        @JvmStatic fun of (key: OpenPGPComponentKey): OpenPgpFingerprint = of(key.pgpPublicKey)
+
+        @JvmStatic fun of (key: OpenPGPPrivateKey): OpenPgpFingerprint = of(key.secretKey)
+
         /**
          * Try to parse an [OpenPgpFingerprint] from the given fingerprint string. If the trimmed
          * fingerprint without whitespace is 64 characters long, it is either a v5 or v6