diff --git a/nagios/check_dane_tlsa.sh b/nagios/check_dane_tlsa.sh
index 076a71b..aeba019 100755
--- a/nagios/check_dane_tlsa.sh
+++ b/nagios/check_dane_tlsa.sh
@@ -62,7 +62,7 @@ if [ -z "$CHECKED_PORT" ];     then echo "ERROR empty parameter 'port'";     exi
 # FIXME: make a loop
 # return example : "1 1 1 4A2403E87DBC4354570C5FDE24348EAED50B7791E4E2C3FC1D79B487 DDB9CC2C"
 REQUEST_RECORD="_$CHECKED_PORT._$CHECKED_PROTOCOL.$CHECKED_HOSTNAME"
-TLSA_RECORD="$( dig "$REQUEST_RECORD" TLSA +short | sed 's/^\([0-3]\)[[:space:]]\([01]\)[[:space:]]\([01]\)[[:space:]]/\1;\2;\3;/' | sed 's/[[:space:]]//g' )"
+TLSA_RECORD="$( dig "$REQUEST_RECORD" TLSA +short | sed -n 's/^\([0-3]\)[[:space:]]\([01]\)[[:space:]]\([01]\)[[:space:]]/\1;\2;\3;/p' | sed 's/[[:space:]]//g' )"
 if [ -z "$TLSA_RECORD" ]; then echo "ERROR no TLSA record at $REQUEST_RECORD"; exit $STATE_CRITICAL; fi
 if [ -z "$( echo "$TLSA_RECORD" | sed -n '/^.;/p' )" ]; then echo "ERROR record malformed or too modern for this plugin"; exit $STATE_CRITICAL; fi
 CPT=0