Hello Alfredo,
Which is the value of your SECUDIR environment variable? Please, check in this folder (the SECUDIR folder) if you have any PSE rather than SAPSYS.pse... if you have SAPSSL* pses, then it is probably these pses that have the certificate expired but they're not maintained in STRUST.
You can also double check in table SSF_PSE_H if you have any SAPSSL* pse there as well.
I hope this guides you.
Best Regards,
Guilherme de Oliveira
SAP Active Global Support