diff --git a/script_refresh-proxied-certs.sh b/script_refresh-proxied-certs.sh
index 7b48e18..c9d9a7e 100755
--- a/script_refresh-proxied-certs.sh
+++ b/script_refresh-proxied-certs.sh
@@ -43,6 +43,12 @@ for i in *.crt; do
 			fi
 		fi
 	fi
+
+	# While we are at it, let's check the expiry dates
+	if [ "$( date --date="$( openssl x509 -noout -dates -in "$i" | sed -n '/^notAfter/s/^notAfter=//p' )" +%s )" -lt "$(( $( date +%s ) + 86400 ))" ]; then
+		echo "WARNING: certificate '$i' near or already expired." >&2
+		EXIT_STATUS=1
+	fi
 done
 
 # Cleanup and exit