Also see SSH certificate authority.
The internal CA doesn't see much use anymore with the advent of Let's Encrypt. (Previously it was the main CA used to issue certificates for my own servers.)
It is still used for client authentication (VPN & PKINIT).
X.509 certificate: Nullroute_CA_r5.crt or Nullroute_CA_r5.pem
(PGP signatures: Nullroute_CA_r5.crt.asc or Nullroute_CA_r5.pem.asc)
CN=Nullroute CA r5, O=Nullroute (PEN 46376), C=LT
Revoked due to possible key compromise.