diff --git a/libkeyringctl/sequoia.py b/libkeyringctl/sequoia.py
index 941f5e0..0bfdae3 100644
--- a/libkeyringctl/sequoia.py
+++ b/libkeyringctl/sequoia.py
@@ -5,6 +5,7 @@ from datetime import datetime
 from functools import reduce
 from pathlib import Path
 from platform import python_version_tuple
+from pysequoia import Cert
 from re import sub
 from tempfile import mkdtemp
 from typing import Dict
@@ -336,10 +337,13 @@ def key_extract_certificate(key: Path, output: Optional[Path]) -> str:
     The result of the extract in case output is None
     """
 
-    cmd = ["sq", "key", "extract-cert", str(key)]
+    cert = Cert.from_file(str(key))
+    # Conversion to string exports only public parts
+    public = str(cert)
     if output:
-        cmd.extend(["--output", str(output)])
-    return system(cmd)
+        with open(output, "wb") as f:
+            f.write(public.encode("utf8"))
+    return public
 
 
 def certify(key: Path, certificate: Path, uid: Uid, output: Optional[Path]) -> str: