During a key ceremony, the auditors need a copy of all CA certificate fingerprints. This is typically achieved by downloading all CA certificates from the RA web and computing the fingerprint using OpenSSL.
To streamline this process, I suggest that we implement a button called "Get fingerprints" located on the page: ejbca/ra/cas.xhtml
When you click this button, EJBCA computes one fingerprint of every public key in the accessible crypto tokens, along with the fingerprints of all CA certificates on the system, together with a timestamp and information about the hash algorithm used to compute the fingerprints (for instance SHA-256). This information is shown as a text or HTML page which can be printed from the browser.
There should also be a button to download a zip file with all CA certificates which can be saved to the auditor's USB stick.