In a private CA, I have some very long running certificates. In index.txt one of the expiration dates is 20730104163541Z meaning the certificate is valid until early 2073. If I run an updatedb command on this CA, this certificate is marked as "expired". I assume this is, because only the first two digits are interpreted as a year and this certificate therefore looks as if it would have been expired in 2020. I'm using openssl 1.1.1d.