Hi, Since one week or so, I have a TLSA validation error for stat.ripe.net on TCP/443 at each time I visit https://atlas.ripe.net/ and I have the same result from the RIPE nlnog node: alarig@airmure ~ % echo '' | openssl s_client -connect atlas.ripe.net:443 2>/dev/null | openssl x509 -in /dev/stdin -fingerprint -sha256 | grep SHA256 | sed 's/://g' | cut -d '=' -f 2 8248E13AB5CA3BACAC63F15B831DA32F2CD54973EDF74E69B6A614B7295C02B4 alarig@airmure ~ % dig +short -t TLSA _443._tcp.atlas.ripe.net | awk '{ print $4 $5 }' 8248E13AB5CA3BACAC63F15B831DA32F2CD54973EDF74E69B6A614B7295C02B4 alarig@airmure ~ % echo '' | openssl s_client -connect stat.ripe.net:443 2>/dev/null | openssl x509 -in /dev/stdin -fingerprint -sha256 | grep SHA256 | sed 's/://g' | cut -d '=' -f 2 2A2B939449E847374121D4846E3117F23A0283C7B2818ED96C91D2808ABE4C0E alarig@airmure ~ % dig +short -t TLSA _443._tcp.stat.ripe.net | awk '{ print $4 $5 }' E3DC43427AA9F62D1E07BBE108AF62BEE84A454DB579FD57A4FFDFFD5A23E576 grifon@ripe01:~$ echo '' | openssl s_client -connect stat.ripe.net:443 2>/dev/null | openssl x509 -in /dev/stdin -fingerprint -sha256 | grep SHA256 | sed 's/://g' | cut -d '=' -f 2 2A2B939449E847374121D4846E3117F23A0283C7B2818ED96C91D2808ABE4C0E grifon@ripe01:~$ dig +short -t TLSA _443._tcp.stat.ripe.net | awk '{ print $4 $5 }' E3DC43427AA9F62D1E07BBE108AF62BEE84A454DB579FD57A4FFDFFD5A23E576 The commands are ugly but work on atlas.ripe.net. Could you please update it? Regards, -- Alarig Le Lay