Also see SSH certificate authority.
The internal CA doesn't see much use anymore with the advent of Let's Encrypt, but is still used for *.sym domains and client authentication (VPN & PKINIT).
X.509 certificate: Nullroute_CA_r5.crt or Nullroute_CA_r5.pem
(PGP signatures: Nullroute_CA_r5.crt.asc or Nullroute_CA_r5.pem.asc)
Subject:
CN=Nullroute CA r5, O=Nullroute (PEN 46376), C=LT
Fingerprint (SHA-1):
25:2f:b1:73:7d:f2:17:af:08:a3: