Poking around on my debian bookworm instance, I found /usr/local/share/ca-certificates/wmf_ca_2017_2020.crt, which looks like an expired SSL certificate:
Certificate: Data: Version: 3 (0x2) Serial Number: 9f:14:76:9e:ea:f4:18:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = California, L = San Francisco, O = Wikimedia Foundation, OU = Operations, CN = WMF CA 2017-2020 Validity Not Before: Jul 19 20:43:26 2017 GMT Not After : Jul 18 20:43:26 2020 GMT Subject: C = US, ST = California, L = San Francisco, O = Wikimedia Foundation, OU = Operations, CN = WMF CA 2017-2020
Does this do anything useful? Does it do any harm?