The certificate is self-signed with the SHA-256 algorithm and is valid for twelve years. The CA key of the root CA certificate is 4096 bits in length and was generated using the RSA algorithm. The certificate standard is based on the X.509v3-1996 format. The time format UTC (Universal Time Coordinated) is used.

The certificate only enables the CA key to be used to sign certificates and CRLs. In order to positively identify the Bundesbank Root CA 2017 Advanced, the following name (X.500 Distinguished Names) is used.

The fingerprint: The Bundesbank Root CA 2017 Advanced secures the PKI's own and other certificates. Once you trust the root CA, you also trust all the other certificates that are issued under this root CA. The root CA's fingerprint must therefore be checked before starting the process. The fingerprint can also generally be found on letters from the certification authority. 

Fingerprint